/// <summary>
/// Handles the admin form post that registers a new OpenID application (OAuth client).
/// </summary>
/// <param name="model">Posted form values describing the client to create.</param>
/// <param name="returnUrl">Optional URL to go back to after a successful save.</param>
/// <returns>
/// <c>Forbid</c> when the caller lacks <c>ManageApplications</c>, the form view again when
/// validation fails, otherwise a redirect to <c>Index</c> or to <paramref name="returnUrl"/>.
/// </returns>
public async Task<IActionResult> Create(CreateOpenIdApplicationViewModel model, string returnUrl = null)
{
    // Authorization comes first: nothing below runs for a caller without ManageApplications.
    if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageApplications))
    {
        return Forbid();
    }

    // Client type and secret must agree: a public client must not carry a secret,
    // and a confidential client must have one.
    var secretSupplied = !string.IsNullOrEmpty(model.ClientSecret);
    if (secretSupplied)
    {
        if (string.Equals(model.Type, OpenIddictConstants.ClientTypes.Public, StringComparison.OrdinalIgnoreCase))
        {
            ModelState.AddModelError(nameof(model.ClientSecret), S["No client secret can be set for public applications."]);
        }
    }
    else if (string.Equals(model.Type, OpenIddictConstants.ClientTypes.Confidential, StringComparison.OrdinalIgnoreCase))
    {
        ModelState.AddModelError(nameof(model.ClientSecret), S["The client secret is required for confidential applications."]);
    }

    // Reject a client_id that is already registered. This is a check-then-create sequence.
    // NOTE(review): whether the underlying store also enforces uniqueness (to cover two
    // concurrent posts) is not visible here - confirm.
    if (!string.IsNullOrEmpty(model.ClientId))
    {
        var existing = await _applicationManager.FindByClientIdAsync(model.ClientId);
        if (existing != null)
        {
            ModelState.AddModelError(nameof(model.ClientId), S["The client identifier is already taken by another application."]);
        }
    }

    if (!ModelState.IsValid)
    {
        ViewData[nameof(OpenIdServerSettings)] = await GetServerSettingsAsync();
        ViewData["ReturnUrl"] = returnUrl;
        return View(model);
    }

    // Only the entries ticked in the form are granted to the new client.
    var selectedRoles = model.RoleEntries.Where(entry => entry.Selected).Select(entry => entry.Name).ToArray();
    var selectedScopes = model.ScopeEntries.Where(entry => entry.Selected).Select(entry => entry.Name).ToArray();

    // NOTE(review): this initializer does not set AllowIntrospectionEndpoint,
    // AllowRevocationEndpoint or RequireProofKeyForCodeExchange, so a newly created client
    // gets whatever defaults OpenIdApplicationSettings defines for them. Confirm those
    // defaults are the intended ones, in particular for the PKCE requirement.
    // NOTE(review): ClientSecret is handed over as submitted; presumably the application
    // manager hashes it before storage - confirm.
    var descriptorSettings = new OpenIdApplicationSettings
    {
        AllowAuthorizationCodeFlow = model.AllowAuthorizationCodeFlow,
        AllowClientCredentialsFlow = model.AllowClientCredentialsFlow,
        AllowHybridFlow = model.AllowHybridFlow,
        AllowImplicitFlow = model.AllowImplicitFlow,
        AllowLogoutEndpoint = model.AllowLogoutEndpoint,
        AllowPasswordFlow = model.AllowPasswordFlow,
        AllowRefreshTokenFlow = model.AllowRefreshTokenFlow,
        ClientId = model.ClientId,
        ClientSecret = model.ClientSecret,
        ConsentType = model.ConsentType,
        DisplayName = model.DisplayName,
        PostLogoutRedirectUris = model.PostLogoutRedirectUris,
        RedirectUris = model.RedirectUris,
        Roles = selectedRoles,
        Scopes = selectedScopes,
        Type = model.Type
    };

    await _applicationManager.UpdateDescriptorFromSettings(descriptorSettings);

    // returnUrl is caller-controlled, so it goes through LocalRedirect rather than Redirect.
    // NOTE(review): this two-argument LocalRedirect is invoked as an extension (this.…);
    // confirm it rejects non-local URLs and what the `true` flag controls.
    if (!string.IsNullOrEmpty(returnUrl))
    {
        return this.LocalRedirect(returnUrl, true);
    }

    return RedirectToAction(nameof(Index));
}
/// <summary>
/// Recipe step handler: creates or updates an OpenID application from an
/// "OpenIdApplication" recipe step. Steps with any other name are ignored.
/// </summary>
/// <param name="context">The recipe execution context carrying the step name and its payload.</param>
public async Task ExecuteAsync(RecipeExecutionContext context)
{
    var isOpenIdApplicationStep = string.Equals(context.Name, "OpenIdApplication", StringComparison.OrdinalIgnoreCase);
    if (!isOpenIdApplicationStep)
    {
        return;
    }

    var step = context.Step.ToObject<OpenIdApplicationStepModel>();

    // Look up a client with the same client_id; the result (possibly null) is passed on
    // to the manager below.
    // NOTE(review): presumably a non-null match is updated in place, which would let a
    // recipe replace an existing client's secret, redirect URIs, roles and scopes - confirm.
    var existingApplication = await _applicationManager.FindByClientIdAsync(step.ClientId);

    // NOTE(review): nothing in this method checks the caller's permissions or validates the
    // payload (for example that a confidential client has a secret, or that a public client
    // has none). Every listed role and scope is granted as written. Treat recipe content as
    // privileged input and confirm that authorization and validation happen elsewhere.
    var descriptorSettings = new OpenIdApplicationSettings
    {
        AllowAuthorizationCodeFlow = step.AllowAuthorizationCodeFlow,
        AllowClientCredentialsFlow = step.AllowClientCredentialsFlow,
        AllowHybridFlow = step.AllowHybridFlow,
        AllowImplicitFlow = step.AllowImplicitFlow,
        AllowIntrospectionEndpoint = step.AllowIntrospectionEndpoint,
        AllowLogoutEndpoint = step.AllowLogoutEndpoint,
        AllowPasswordFlow = step.AllowPasswordFlow,
        AllowRefreshTokenFlow = step.AllowRefreshTokenFlow,
        AllowRevocationEndpoint = step.AllowRevocationEndpoint,
        ClientId = step.ClientId,
        // The secret travels in the recipe payload as plain text; recipe files containing
        // one should be handled as credentials.
        ClientSecret = step.ClientSecret,
        ConsentType = step.ConsentType,
        DisplayName = step.DisplayName,
        PostLogoutRedirectUris = step.PostLogoutRedirectUris,
        RedirectUris = step.RedirectUris,
        Roles = step.RoleEntries.Select(role => role.Name).ToArray(),
        Scopes = step.ScopeEntries.Select(scope => scope.Name).ToArray(),
        Type = step.Type,
        RequireProofKeyForCodeExchange = step.RequireProofKeyForCodeExchange,
    };

    await _applicationManager.UpdateDescriptorFromSettings(descriptorSettings, existingApplication);
}
/// <summary>
/// Handles the admin form post that updates an existing OpenID application (OAuth client).
/// </summary>
/// <param name="model">Posted form values, including the physical id of the application to edit.</param>
/// <param name="returnUrl">Optional URL to go back to after a successful save.</param>
/// <returns>
/// <c>Forbid</c> when the caller lacks <c>ManageApplications</c>, <c>NotFound</c> when the
/// application does not exist, the form view again when validation fails, otherwise a
/// redirect to <c>Index</c> or to <paramref name="returnUrl"/>.
/// </returns>
public async Task<IActionResult> Edit(EditOpenIdApplicationViewModel model, string returnUrl = null)
{
    // Authorization comes first, before the lookup, so an unauthorized caller cannot use
    // this action to probe which application ids exist.
    if (!await _authorizationService.AuthorizeAsync(User, Permissions.ManageApplications))
    {
        return Forbid();
    }

    var application = await _applicationManager.FindByPhysicalIdAsync(model.Id);
    if (application == null)
    {
        return NotFound();
    }

    var secretSupplied = !string.IsNullOrEmpty(model.ClientSecret);
    var requestedPublic = string.Equals(model.Type, OpenIddictConstants.ClientTypes.Public, StringComparison.OrdinalIgnoreCase);

    // A client that is currently public and is being switched to a non-public type must be
    // given a secret in the same request.
    // NOTE(review): an empty secret is accepted when the stored client is not public;
    // presumably that means "keep the current secret" - confirm in the application manager.
    if (!secretSupplied && !requestedPublic)
    {
        if (await _applicationManager.HasClientTypeAsync(application, OpenIddictConstants.ClientTypes.Public))
        {
            ModelState.AddModelError(nameof(model.ClientSecret), S["Setting a new client secret is required."]);
        }
    }

    // A public client must not carry a secret.
    if (secretSupplied && requestedPublic)
    {
        ModelState.AddModelError(nameof(model.ClientSecret), S["No client secret can be set for public applications."]);
    }

    // The client_id may stay the same, but it must not collide with a different application.
    // Ids are compared ordinally.
    // NOTE(review): there is no null-or-empty guard on model.ClientId before this lookup -
    // confirm model validation covers it.
    if (ModelState.IsValid)
    {
        var conflicting = await _applicationManager.FindByClientIdAsync(model.ClientId);
        if (conflicting != null)
        {
            var conflictingId = await _applicationManager.GetIdAsync(conflicting);
            var currentId = await _applicationManager.GetIdAsync(application);
            if (!string.Equals(conflictingId, currentId, StringComparison.Ordinal))
            {
                ModelState.AddModelError(nameof(model.ClientId), S["The client identifier is already taken by another application."]);
            }
        }
    }

    if (!ModelState.IsValid)
    {
        ViewData[nameof(OpenIdServerSettings)] = await GetServerSettingsAsync();
        ViewData["ReturnUrl"] = returnUrl;
        return View(model);
    }

    // Only the entries ticked in the form remain granted to the client.
    var selectedRoles = model.RoleEntries.Where(entry => entry.Selected).Select(entry => entry.Name).ToArray();
    var selectedScopes = model.ScopeEntries.Where(entry => entry.Selected).Select(entry => entry.Name).ToArray();

    // NOTE(review): ClientSecret is handed over as submitted; presumably the application
    // manager hashes it before storage - confirm.
    var descriptorSettings = new OpenIdApplicationSettings
    {
        AllowAuthorizationCodeFlow = model.AllowAuthorizationCodeFlow,
        AllowClientCredentialsFlow = model.AllowClientCredentialsFlow,
        AllowHybridFlow = model.AllowHybridFlow,
        AllowImplicitFlow = model.AllowImplicitFlow,
        AllowIntrospectionEndpoint = model.AllowIntrospectionEndpoint,
        AllowLogoutEndpoint = model.AllowLogoutEndpoint,
        AllowPasswordFlow = model.AllowPasswordFlow,
        AllowRefreshTokenFlow = model.AllowRefreshTokenFlow,
        AllowRevocationEndpoint = model.AllowRevocationEndpoint,
        ClientId = model.ClientId,
        ClientSecret = model.ClientSecret,
        ConsentType = model.ConsentType,
        DisplayName = model.DisplayName,
        PostLogoutRedirectUris = model.PostLogoutRedirectUris,
        RedirectUris = model.RedirectUris,
        Roles = selectedRoles,
        Scopes = selectedScopes,
        Type = model.Type,
        RequireProofKeyForCodeExchange = model.RequireProofKeyForCodeExchange
    };

    await _applicationManager.UpdateDescriptorFromSettings(descriptorSettings, application);

    // returnUrl is caller-controlled, so it goes through LocalRedirect rather than Redirect.
    // NOTE(review): this two-argument LocalRedirect is invoked as an extension (this.…);
    // confirm it rejects non-local URLs and what the `true` flag controls.
    if (!string.IsNullOrEmpty(returnUrl))
    {
        return this.LocalRedirect(returnUrl, true);
    }

    return RedirectToAction(nameof(Index));
}