public async Task <bool> DeleteAsync(Core.Models.Client client) { using (var transaction = await _context.Database.BeginTransactionAsync().ConfigureAwait(false)) { try { var result = await _context.Clients.FirstOrDefaultAsync(c => c.ClientId == client.ClientId).ConfigureAwait(false); if (result == null) { return(false); } _context.Clients.Remove(result); await _context.SaveChangesAsync().ConfigureAwait(false); transaction.Commit(); return(true); } catch (Exception ex) { _managerEventSource.Failure(ex); transaction.Rollback(); return(false); } } }
public async Task <ActionResult> Index(string code) { var request = _dataProtector.Unprotect <AuthorizationRequest>(code); var client = new Core.Models.Client(); var authenticatedUser = await this.GetAuthenticatedUser(Constants.CookieName); var actionResult = await _consentActions.DisplayConsent(request.ToParameter(), authenticatedUser); var result = this.CreateRedirectionFromActionResult(actionResult.ActionResult, request); if (result != null) { return(result); } await TranslateConsentScreen(request.UiLocales); var viewModel = new ConsentViewModel { ClientDisplayName = client.ClientName, AllowedScopeDescriptions = actionResult.Scopes == null ? new List <string>() : actionResult.Scopes.Select(s => s.Description).ToList(), AllowedIndividualClaims = actionResult.AllowedClaims == null ? new List <string>() : actionResult.AllowedClaims, LogoUri = client.LogoUri, PolicyUri = client.PolicyUri, TosUri = client.TosUri, Code = code }; return(View(viewModel)); }
public async Task <bool> DeleteAsync(Core.Models.Client client) { using (var transaction = _context.Database.BeginTransaction()) { try { var connectedClient = await _context.Clients .Include(c => c.ClientScopes) .Include(c => c.JsonWebKeys) .Include(c => c.ClientSecrets) .FirstOrDefaultAsync(c => c.ClientId == client.ClientId) .ConfigureAwait(false); if (connectedClient == null) { return(false); } _context.Clients.Remove(connectedClient); await _context.SaveChangesAsync().ConfigureAwait(false); transaction.Commit(); } catch (Exception ex) { _managerEventSource.Failure(ex); transaction.Rollback(); return(false); } } return(true); }
public static Core.Models.Client ToDomain(this IdentityServer4.EntityFramework.Entities.Client client) { var result = new Core.Models.Client { ClientId = client.ClientId, ClientSecret = client.ClientSecrets == null || !client.ClientSecrets.Any() ? string.Empty : client.ClientSecrets.First().Value, LogoUri = client.LogoUri, ClientName = client.ClientName, ClientUri = client.ClientUri, IdTokenSignedResponseAlg = "RS256", IdTokenEncryptedResponseAlg = null, IdTokenEncryptedResponseEnc = null, TokenEndPointAuthMethod = TokenEndPointAuthenticationMethods.client_secret_basic, AllowedScopes = client.AllowedScopes == null || !client.AllowedScopes.Any() ? new List <Core.Models.Scope>() : client.AllowedScopes.Select(s => s.ToDomain()).ToList(), RedirectionUrls = client.RedirectUris == null || !client.RedirectUris.Any() ? new List <string>() : client.RedirectUris.Select(s => s.RedirectUri).ToList(), ApplicationType = ApplicationTypes.web }; if (client.AllowedGrantTypes != null) { var grantingMethod = _mappingIdServerGrantTypesToGrantingMethods.FirstOrDefault(m => client.AllowedGrantTypes.Count() == m.Key.Count() && m.Key.All(g => client.AllowedGrantTypes.Any(c => c.GrantType == g))); if (!grantingMethod.Equals(default(KeyValuePair <IEnumerable <string>, GrantingMethod>))) { result.ResponseTypes = grantingMethod.Value.ResponseTypes; result.GrantTypes = grantingMethod.Value.GrantTypes; } } return(result); }
public static IdentityServer4.EntityFramework.Entities.Client ToEntity(this Core.Models.Client client) { var result = new IdentityServer4.EntityFramework.Entities.Client { ClientId = client.ClientId, ClientName = client.ClientName, Enabled = true, RequireClientSecret = true, RequireConsent = true, AllowRememberConsent = true, LogoutSessionRequired = true, IdentityTokenLifetime = 300, AccessTokenLifetime = 3600, AuthorizationCodeLifetime = 300, AbsoluteRefreshTokenLifetime = 2592000, SlidingRefreshTokenLifetime = 1296000, RefreshTokenUsage = (int)TokenUsage.OneTimeOnly, RefreshTokenExpiration = (int)TokenExpiration.Absolute, EnableLocalLogin = true, PrefixClientClaims = true, AllowAccessTokensViaBrowser = true, LogoUri = client.LogoUri, ClientUri = client.ClientUri, AllowedScopes = client.AllowedScopes == null || !client.AllowedScopes.Any() ? new List <IdentityServer4.EntityFramework.Entities.ClientScope>() : client.AllowedScopes.Select(s => new IdentityServer4.EntityFramework.Entities.ClientScope { Scope = s.Name }).ToList(), RedirectUris = client.RedirectionUrls == null || !client.RedirectionUrls.Any() ? new List <IdentityServer4.EntityFramework.Entities.ClientRedirectUri>() : client.RedirectionUrls.Select(r => new IdentityServer4.EntityFramework.Entities.ClientRedirectUri { RedirectUri = r }).ToList(), ClientSecrets = string.IsNullOrWhiteSpace(client.ClientSecret) ? new List <IdentityServer4.EntityFramework.Entities.ClientSecret>() : new List <IdentityServer4.EntityFramework.Entities.ClientSecret> { new IdentityServer4.EntityFramework.Entities.ClientSecret { Value = client.ClientSecret, Type = "SharedSecret" } } }; var grantingMethod = new GrantingMethod { GrantTypes = client.GrantTypes, ResponseTypes = client.ResponseTypes }; var meth = _mappingIdServerGrantTypesToGrantingMethods.FirstOrDefault(m => m.Value.Equals(grantingMethod)); if (meth.Equals(default(KeyValuePair <IEnumerable <string>, GrantingMethod>))) { throw new InvalidOperationException("The grant type is not supported"); } result.AllowedGrantTypes = meth.Key.Select(g => new IdentityServer4.EntityFramework.Entities.ClientGrantType { GrantType = g }).ToList(); return(result); }
public async Task <bool> UpdateAsync(Core.Models.Client client) { using (var transaction = await _context.Database.BeginTransactionAsync().ConfigureAwait(false)) { try { var record = client.ToEntity(); var result = await _context.Clients.FirstOrDefaultAsync(c => c.ClientId == record.ClientId).ConfigureAwait(false); if (result == null) { return(false); } result.ClientName = record.ClientName; result.Enabled = record.Enabled; result.RequireClientSecret = record.RequireClientSecret; result.RequireConsent = record.RequireConsent; result.AllowRememberConsent = record.AllowRememberConsent; result.LogoutSessionRequired = record.LogoutSessionRequired; result.IdentityTokenLifetime = record.IdentityTokenLifetime; result.AccessTokenLifetime = record.AccessTokenLifetime; result.AuthorizationCodeLifetime = record.AuthorizationCodeLifetime; result.AbsoluteRefreshTokenLifetime = record.AbsoluteRefreshTokenLifetime; result.SlidingRefreshTokenLifetime = record.SlidingRefreshTokenLifetime; result.RefreshTokenUsage = record.RefreshTokenUsage; result.RefreshTokenExpiration = record.RefreshTokenExpiration; result.EnableLocalLogin = record.EnableLocalLogin; result.PrefixClientClaims = record.PrefixClientClaims; result.LogoUri = record.LogoUri; result.ClientUri = record.ClientUri; result.AllowedScopes = record.AllowedScopes; result.RedirectUris = record.RedirectUris; result.AllowedGrantTypes = record.AllowedGrantTypes; await _context.SaveChangesAsync().ConfigureAwait(false);; transaction.Commit(); return(true); } catch (Exception ex) { _managerEventSource.Failure(ex); transaction.Rollback(); return(false); } } }
public static IdentityClient ToEntity(this Core.Models.Client s) { if (s == null) { return(null); } if (s.ClientSecrets == null) { s.ClientSecrets = new List <Secret>(); } if (s.RedirectUris == null) { s.RedirectUris = new List <string>(); } if (s.PostLogoutRedirectUris == null) { s.PostLogoutRedirectUris = new List <string>(); } if (s.AllowedScopes == null) { s.AllowedScopes = new List <string>(); } if (s.IdentityProviderRestrictions == null) { s.IdentityProviderRestrictions = new List <string>(); } if (s.Claims == null) { s.Claims = new List <Claim>(); } if (s.AllowedCustomGrantTypes == null) { s.AllowedCustomGrantTypes = new List <string>(); } if (s.AllowedCorsOrigins == null) { s.AllowedCorsOrigins = new List <string>(); } return(Config.CreateMapper().Map <Core.Models.Client, IdentityClient>(s)); }
public async Task <bool> InsertAsync(Core.Models.Client client) { using (var transaction = await _context.Database.BeginTransactionAsync().ConfigureAwait(false)) { try { var record = client.ToEntity(); _context.Clients.Add(record); await _context.SaveChangesAsync().ConfigureAwait(false);; transaction.Commit(); return(true); } catch (Exception ex) { _managerEventSource.Failure(ex); transaction.Rollback(); return(false); } } }
public async Task <bool> UpdateAsync(Core.Models.Client client) { using (var translation = _context.Database.BeginTransaction()) { try { var grantTypes = client.GrantTypes == null ? string.Empty : ConcatListOfIntegers(client.GrantTypes.Select(k => (int)k).ToList()); var responseTypes = client.ResponseTypes == null ? string.Empty : ConcatListOfIntegers(client.ResponseTypes.Select(r => (int)r).ToList()); var connectedClient = await _context.Clients .Include(c => c.ClientScopes) .FirstOrDefaultAsync(c => c.ClientId == client.ClientId) .ConfigureAwait(false); connectedClient.ClientName = client.ClientName; connectedClient.ClientUri = client.ClientUri; connectedClient.Contacts = ConcatListOfStrings(client.Contacts); connectedClient.DefaultAcrValues = client.DefaultAcrValues; connectedClient.DefaultMaxAge = client.DefaultMaxAge; connectedClient.GrantTypes = grantTypes; connectedClient.IdTokenEncryptedResponseAlg = client.IdTokenEncryptedResponseAlg; connectedClient.IdTokenEncryptedResponseEnc = client.IdTokenEncryptedResponseEnc; connectedClient.IdTokenSignedResponseAlg = client.IdTokenSignedResponseAlg; connectedClient.InitiateLoginUri = client.InitiateLoginUri; connectedClient.JwksUri = client.JwksUri; connectedClient.LogoUri = client.LogoUri; connectedClient.PolicyUri = client.PolicyUri; connectedClient.RedirectionUrls = ConcatListOfStrings(client.RedirectionUrls); connectedClient.RequestObjectEncryptionAlg = client.RequestObjectEncryptionAlg; connectedClient.RequestObjectEncryptionEnc = client.RequestObjectEncryptionEnc; connectedClient.RequestObjectSigningAlg = client.RequestObjectSigningAlg; connectedClient.RequestUris = ConcatListOfStrings(client.RequestUris); connectedClient.RequireAuthTime = client.RequireAuthTime; connectedClient.ResponseTypes = responseTypes; connectedClient.SectorIdentifierUri = client.SectorIdentifierUri; connectedClient.SubjectType = client.SubjectType; connectedClient.TokenEndPointAuthMethod = (TokenEndPointAuthenticationMethods)client.TokenEndPointAuthMethod; connectedClient.TokenEndPointAuthSigningAlg = client.TokenEndPointAuthSigningAlg; connectedClient.TosUri = client.TosUri; connectedClient.UserInfoEncryptedResponseAlg = client.UserInfoEncryptedResponseAlg; connectedClient.UserInfoEncryptedResponseEnc = client.UserInfoEncryptedResponseEnc; connectedClient.UserInfoSignedResponseAlg = client.UserInfoSignedResponseAlg; connectedClient.ScimProfile = client.ScimProfile; var scopesNotToBeDeleted = new List <string>(); if (client.AllowedScopes != null) { foreach (var scope in client.AllowedScopes) { var record = connectedClient.ClientScopes.FirstOrDefault(c => c.ScopeName == scope.Name); if (record == null) { record = new ClientScope { ClientId = connectedClient.ClientId, ScopeName = scope.Name }; connectedClient.ClientScopes.Add(record); } scopesNotToBeDeleted.Add(record.ScopeName); } } var scopeNames = connectedClient.ClientScopes.Select(o => o.ScopeName).ToList(); foreach (var scopeName in scopeNames.Where(id => !scopesNotToBeDeleted.Contains(id))) { connectedClient.ClientScopes.Remove(connectedClient.ClientScopes.First(s => s.ScopeName == scopeName)); } await _context.SaveChangesAsync(); translation.Commit(); } catch (Exception ex) { _managerEventSource.Failure(ex); translation.Rollback(); return(false); } } return(true); }
public async Task <bool> InsertAsync(Core.Models.Client client) { using (var transaction = _context.Database.BeginTransaction()) { try { var scopes = new List <ClientScope>(); var jsonWebKeys = new List <JsonWebKey>(); var clientSecrets = new List <ClientSecret>(); var grantTypes = client.GrantTypes == null ? string.Empty : ConcatListOfIntegers(client.GrantTypes.Select(k => (int)k).ToList()); var responseTypes = client.ResponseTypes == null ? string.Empty : ConcatListOfIntegers(client.ResponseTypes.Select(r => (int)r).ToList()); if (client.AllowedScopes != null) { var scopeNames = client.AllowedScopes.Select(s => s.Name).ToList(); scopes = _context.Scopes.Where(s => scopeNames.Contains(s.Name)) .Select(s => new ClientScope { ScopeName = s.Name }) .ToList(); } if (client.JsonWebKeys != null) { client.JsonWebKeys.ForEach(jsonWebKey => { var jsonWebKeyRecord = new JsonWebKey { Kid = jsonWebKey.Kid, Use = (Use)jsonWebKey.Use, Kty = (KeyType)jsonWebKey.Kty, SerializedKey = jsonWebKey.SerializedKey, X5t = jsonWebKey.X5t, X5tS256 = jsonWebKey.X5tS256, X5u = jsonWebKey.X5u == null ? string.Empty : jsonWebKey.X5u.AbsoluteUri, Alg = (AllAlg)jsonWebKey.Alg, KeyOps = jsonWebKey.KeyOps == null ? string.Empty : ConcatListOfIntegers(jsonWebKey.KeyOps.Select(k => (int)k).ToList()) }; jsonWebKeys.Add(jsonWebKeyRecord); }); } if (client.Secrets != null) { foreach (var secret in client.Secrets) { clientSecrets.Add(new ClientSecret { Id = Guid.NewGuid().ToString(), ClientId = client.ClientId, Type = (SecretTypes)secret.Type, Value = secret.Value }); } } var newClient = new Models.Client { ClientId = client.ClientId, ClientName = client.ClientName, ClientUri = client.ClientUri, IdTokenEncryptedResponseAlg = client.IdTokenEncryptedResponseAlg, IdTokenEncryptedResponseEnc = client.IdTokenEncryptedResponseEnc, JwksUri = client.JwksUri, TosUri = client.TosUri, LogoUri = client.LogoUri, PolicyUri = client.PolicyUri, RequestObjectEncryptionAlg = client.RequestObjectEncryptionAlg, RequestObjectEncryptionEnc = client.RequestObjectEncryptionEnc, IdTokenSignedResponseAlg = client.IdTokenSignedResponseAlg, RequireAuthTime = client.RequireAuthTime, SectorIdentifierUri = client.SectorIdentifierUri, SubjectType = client.SubjectType, TokenEndPointAuthSigningAlg = client.TokenEndPointAuthSigningAlg, UserInfoEncryptedResponseAlg = client.UserInfoEncryptedResponseAlg, UserInfoSignedResponseAlg = client.UserInfoSignedResponseAlg, UserInfoEncryptedResponseEnc = client.UserInfoEncryptedResponseEnc, DefaultMaxAge = client.DefaultMaxAge, DefaultAcrValues = client.DefaultAcrValues, InitiateLoginUri = client.InitiateLoginUri, RequestObjectSigningAlg = client.RequestObjectSigningAlg, TokenEndPointAuthMethod = (Models.TokenEndPointAuthenticationMethods)client.TokenEndPointAuthMethod, ApplicationType = (Models.ApplicationTypes)client.ApplicationType, RequestUris = ConcatListOfStrings(client.RequestUris), RedirectionUrls = ConcatListOfStrings(client.RedirectionUrls), Contacts = ConcatListOfStrings(client.Contacts), ClientScopes = scopes, JsonWebKeys = jsonWebKeys, GrantTypes = grantTypes, ResponseTypes = responseTypes, ScimProfile = client.ScimProfile, ClientSecrets = clientSecrets }; _context.Clients.Add(newClient); await _context.SaveChangesAsync().ConfigureAwait(false); transaction.Commit(); } catch (Exception ex) { _managerEventSource.Failure(ex); transaction.Rollback(); return(false); } } return(true); }