protected virtual void SetDefaultApplicationType(OpenIdClient openidClient) { if (string.IsNullOrWhiteSpace(openidClient.ApplicationType)) { openidClient.ApplicationType = "web"; } }
public async Task Should_successfully_authenticate_query() { var response = await OpenIdClient.RequestTokenAsync(RequestFactory.CorrectPasswordAuthenticationRequest()); response.AccessToken.Should().NotBeNullOrWhiteSpace(); response.ExpiresInSeconds.Should().BeGreaterThan(0); }
protected virtual void SetDefaultSubjectType(OpenIdClient openidClient) { if (string.IsNullOrWhiteSpace(openidClient.SubjectType)) { openidClient.SubjectType = _openIDHostOptions.DefaultSubjectType; } }
protected virtual void SetRequestObjectEncryptionAlg(OpenIdClient openidClient) { if (!string.IsNullOrWhiteSpace(openidClient.RequestObjectEncryptionAlg) && string.IsNullOrWhiteSpace(openidClient.RequestObjectEncryptionEnc)) { openidClient.RequestObjectEncryptionEnc = A128CBCHS256EncHandler.ENC_NAME; } }
protected virtual void SetUserInfoEncryptedResponseAlg(OpenIdClient openidClient) { if (!string.IsNullOrWhiteSpace(openidClient.UserInfoEncryptedResponseAlg) && string.IsNullOrWhiteSpace(openidClient.UserInfoEncryptedResponseEnc)) { openidClient.UserInfoEncryptedResponseEnc = A128CBCHS256EncHandler.ENC_NAME; } }
protected BaseTests(ITestOutputHelper output) { var testData = AuthTestData.LoadFromJsonFile(); var log = new TestLog(output); RequestFactory = new OpenIdRequestFactory(testData); OpenIdClient = OpenIdClientFactory.CreateTestClient(testData.OpenIdServer, log); }
private async Task ShouldFail(PasswordTokenRequest request) { Func <Task> action = () => OpenIdClient.RequestTokenAsync(request); var exception = (await action.Should().ThrowAsync <OpenIdException>()).Which; Console.WriteLine(exception); }
protected void EnrichOpenIdClient(OpenIdClient openidClient) { EnrichClient(openidClient); SetDefaultApplicationType(openidClient); SetDefaultSubjectType(openidClient); SetDefaultIdTokenResponseAlg(openidClient); SetDefaultMaxAge(openidClient); SetDefaultIdTokenEncryptedResponseAlg(openidClient); SetUserInfoEncryptedResponseAlg(openidClient); SetRequestObjectEncryptionAlg(openidClient); }
private async Task <string> GetFirstAmr(IEnumerable <string> acrValues, OpenIdClient client) { var acr = await _amrHelper.FetchDefaultAcr(acrValues, client); if (acr == null) { return(null); } return(acr.AuthenticationMethodReferences.First()); }
public void LbtnOpenIDAddClick(object sender, EventArgs e) { OpenIdClient openID = new OpenIdClient(); openID.Identity = this.TxtOpenIDNew.Text; UserProfile.Current.OpenID = openID.Identity; UserProfile.Current.Save(); //openID.AuthVersion = ProtocolVersion.V2_0; //openID.ReturnUrl = new Uri(string.Format("{0}://{1}:{2}{3}", Request.Url.Scheme, Request.Url.Host, Request.Url.Port, Request.Path)); //openID.BeginAuth(); openID.CreateRequest(false, true); }
protected void EnrichOpenIdClient(OpenIdClient openidClient, HandlerContext handlerContext) { EnrichClient(openidClient); SetDefaultApplicationType(openidClient); SetDefaultSubjectType(openidClient); SetDefaultIdTokenResponseAlg(openidClient); SetDefaultMaxAge(openidClient); SetDefaultIdTokenEncryptedResponseAlg(openidClient); SetUserInfoEncryptedResponseAlg(openidClient); SetRequestObjectEncryptionAlg(openidClient); SetBCNotification(openidClient, handlerContext); SetFrontChannel(openidClient, handlerContext); SetBackchannelLogoutSupported(openidClient, handlerContext); }
public async Task Enrich(JwsPayload jwsPayload, OpenIdClient client) { var subject = jwsPayload.GetClaimValue(Jwt.Constants.UserClaims.Subject); using (var httpClient = new HttpClient()) { var request = new HttpRequestMessage { RequestUri = new Uri(_httpClaimsSourceOptions.Url), Method = HttpMethod.Get, // Content = new StringContent(JsonConvert.SerializeObject(new { sub = subject }), Encoding.UTF8, "application/json") }; if (!string.IsNullOrWhiteSpace(_httpClaimsSourceOptions.ApiToken)) { request.Headers.Add("Authorization", $"Bearer {_httpClaimsSourceOptions.ApiToken}"); } var result = await httpClient.SendAsync(request).ConfigureAwait(false); var json = await result.Content.ReadAsStringAsync().ConfigureAwait(false); var kvp = result.Content.Headers.FirstOrDefault(k => k.Key == "Content-Type"); if (!kvp.Equals(default(KeyValuePair <string, IEnumerable <string> >)) && !string.IsNullOrWhiteSpace(kvp.Key) && result.IsSuccessStatusCode) { string jwt = null; JwsPayload jObj = null; if (kvp.Value.Any(v => v.Contains("application/json"))) { jObj = JsonConvert.DeserializeObject <JwsPayload>(json); jwt = await _jwtBuilder.BuildClientToken(client, jObj, client.IdTokenSignedResponseAlg, client.IdTokenEncryptedResponseAlg, client.IdTokenEncryptedResponseEnc); } else if (kvp.Value.Any(v => v.Contains("application/jwt"))) { throw new NotImplementedException(); /* * jwt = json; * jObj = Extract(json); */ } if (!string.IsNullOrWhiteSpace(jwt)) { ClaimsSourceHelper.AddAggregate(jwsPayload, jObj, jwt, _httpClaimsSourceOptions.Name); } } } }
protected void Page_Load(object sender, EventArgs e) { user = DataObject.Load <DataObjectUser>(UserProfile.Current.UserId, null, true); if (user.State != ObjectState.Added) { if (!string.IsNullOrEmpty(user.OpenID)) { this.LitOpenIDCur.Text = user.OpenID; } else { this.LitOpenIDCur.Text = language.GetString("MessageOpenIdNone"); } } if (!IsPostBack) { OpenIdClient openID = new OpenIdClient(); switch (openID.RequestedMode) { case RequestedMode.IdResolution: openID.Identity = UserProfile.Current.OpenID; if (openID.ValidateResponse()) { OpenIdUser openIDUser = openID.RetrieveUser(); user.OpenID = openIDUser.Identity; user.Update(UserDataContext.GetUserDataContext()); UserProfile.Current.OpenID = string.Empty; UserProfile.Current.Save(); this.LitOpenIDMsg.Text = language.GetString("MessageOpenIdConfirmed"); this.LitOpenIDCur.Text = user.OpenID; } else { this.LitOpenIDMsg.Text = language.GetString("MessageOpenIdNotConfirmed"); } break; case RequestedMode.CanceledByUser: this.LitOpenIDMsg.Text = language.GetString("MessageOpenIdCanceled"); break; } } }
protected async Task SendLogoutToken(OpenIdClient openIdClient, string sessionId, CancellationToken cancellationToken) { if (string.IsNullOrWhiteSpace(openIdClient.BackChannelLogoutUri)) { return; } var currentDateTime = DateTime.UtcNow; var events = new JObject { { "http://schemas.openid.net/event/backchannel-logout", new JObject() } }; var jwsPayload = new JwsPayload { { Jwt.Constants.OAuthClaims.Issuer, Request.GetAbsoluteUriWithVirtualPath() }, { Jwt.Constants.UserClaims.Subject, User.Claims.First(c => c.Type == ClaimTypes.NameIdentifier).Value }, { Jwt.Constants.OAuthClaims.Audiences, openIdClient.ClientId }, { Jwt.Constants.OAuthClaims.Iat, currentDateTime.ConvertToUnixTimestamp() }, { Jwt.Constants.OAuthClaims.Jti, Guid.NewGuid().ToString() }, { Jwt.Constants.OAuthClaims.Events, events } }; if (openIdClient.BackChannelLogoutSessionRequired) { jwsPayload.Add(Jwt.Constants.OAuthClaims.Sid, sessionId); } var logoutToken = await _jwtBuilder.Sign(jwsPayload, openIdClient.TokenSignedResponseAlg, cancellationToken); using (var httpClient = _httpClientFactory.GetHttpClient()) { var body = new FormUrlEncodedContent(new List <KeyValuePair <string, string> > { new KeyValuePair <string, string>("logout_token", logoutToken) }); var request = new HttpRequestMessage { Method = HttpMethod.Post, Content = body, RequestUri = new Uri(openIdClient.BackChannelLogoutUri) }; await httpClient.SendAsync(request); } }
protected void OpenIDButtonClick(object sender, EventArgs e) { if (!string.IsNullOrEmpty(this.TxtOpenID.Text)) { OpenIdClient openID = new OpenIdClient(); openID.Identity = this.TxtOpenID.Text; UserProfile.Current.OpenID = openID.Identity; UserProfile.Current.Save(); SimpleRegistration simpleRegistration = new SimpleRegistration(openID); simpleRegistration.RequiredFields = "nickname,email"; simpleRegistration.OptionalFields = "fullname,gender"; openID.CreateRequest(false, true); } else { LitOpenIDMsg.Text = language.GetString("MessageOpenIDMissing"); } }
protected string BuildFrontChannelLogoutUrl(OpenIdClient client, string sessionId) { if (string.IsNullOrWhiteSpace(client.FrontChannelLogoutUri)) { return(null); } var url = client.FrontChannelLogoutUri; if (client.FrontChannelLogoutSessionRequired) { var issuer = Request.GetAbsoluteUriWithVirtualPath(); url = QueryHelpers.AddQueryString(url, new Dictionary <string, string> { { Jwt.Constants.OAuthClaims.Issuer, issuer }, { Jwt.Constants.OAuthClaims.Sid, sessionId } }); } return(url); }
public static void RegisterAuth() { OAuthWebSecurity.RegisterTwitterClient( consumerKey: "85CmzrPeNbfDBLqQDhZWvJvj2", consumerSecret: "X6dW6my1ypjUAebxZVINn2QIrFrvJ2oe5hddLgi827JOv5nFjF"); OAuthWebSecurity.RegisterFacebookClient( appId: "960531237445623", appSecret: "cd7f8a90861694ae5e252bfe6fd6a699"); OAuthWebSecurity.RegisterGoogleClient(); //var extraData = new Dictionary<string, object>(); //extraData.Add("clientId", "000-000.apps.googleusercontent.com"); //extraData.Add("clientSecret", "00000000000"); //OAuthWebSecurity.RegisterGoogleClient("google", extraData); OAuthWebSecurity.RegisterYahooClient(); var MyOpenIdClient = new OpenIdClient("myopenid", WellKnownProviders.MyOpenId); OAuthWebSecurity.RegisterClient(MyOpenIdClient, "myOpenID", null); }
public async Task <string> Handle(string language, JObject jObj, CancellationToken cancellationToken) { var currentDateTime = DateTime.UtcNow; DateTime?expirationDateTime = null; if (_options.ClientSecretExpirationInSeconds != null) { expirationDateTime = currentDateTime.AddSeconds(_options.ClientSecretExpirationInSeconds.Value); } var parameter = jObj.ToCreateOpenIdClientParameter(); var openidClient = OpenIdClient.Create(parameter.ApplicationKind.Value, parameter.ClientName, language, expirationDateTime, _options.DefaultTokenExpirationTimeInSeconds, _options.DefaultRefreshTokenExpirationTimeInSeconds); await _oauthClientRepository.Add(openidClient, cancellationToken); await _oauthClientRepository.SaveChanges(cancellationToken); return(openidClient.ClientId); }
protected virtual void CheckBC(OpenIdClient openIdClient) { if (!string.IsNullOrWhiteSpace(openIdClient.BCTokenDeliveryMode)) { if (!SIDOpenIdConstants.AllStandardNotificationModes.Contains(openIdClient.BCTokenDeliveryMode)) { throw new OAuthException(ErrorCodes.INVALID_CLIENT_METADATA, ErrorMessages.INVALID_BC_DELIVERY_MODE); } if (openIdClient.BCTokenDeliveryMode == SIDOpenIdConstants.StandardNotificationModes.Ping || openIdClient.BCTokenDeliveryMode == SIDOpenIdConstants.StandardNotificationModes.Push) { if (string.IsNullOrWhiteSpace(openIdClient.BCClientNotificationEndpoint)) { throw new OAuthException(ErrorCodes.INVALID_CLIENT_METADATA, string.Format(OAuth.ErrorMessages.MISSING_PARAMETER, OpenIdClientParameters.BCClientNotificationEndpoint)); } } } if (!string.IsNullOrWhiteSpace(openIdClient.BCClientNotificationEndpoint)) { if (!Uri.TryCreate(openIdClient.BCClientNotificationEndpoint, UriKind.Absolute, out Uri uri)) { throw new OAuthException(ErrorCodes.INVALID_CLIENT_METADATA, ErrorMessages.INVALID_BC_CLIENT_NOTIFICATION_EDP); } if (uri.Scheme != "https") { throw new OAuthException(ErrorCodes.INVALID_CLIENT_METADATA, ErrorMessages.INVALID_HTTPS_BC_CLIENT_NOTIFICATION_EDP); } } if (!string.IsNullOrWhiteSpace(openIdClient.BCAuthenticationRequestSigningAlg)) { CheckSignature(openIdClient.BCAuthenticationRequestSigningAlg, ErrorMessages.UNSUPPORTED_BC_AUTHENTICATION_REQUEST_SIGNING_ALG); } }
public static OpenIdClient CreateTestClient(string openIdServerUrl, ILog log) => OpenIdClient.Create(new RequestTimeouts(), new TestingHttpClientConfiguration(openIdServerUrl), log);
protected async Task <string> GetFirstAmr(IEnumerable <string> acrValues, IEnumerable <AuthorizationRequestClaimParameter> claims, OpenIdClient client, CancellationToken cancellationToken) { var acr = await _amrHelper.FetchDefaultAcr(acrValues, claims, client, cancellationToken); if (acr == null) { return(null); } return(acr.AuthenticationMethodReferences.First()); }
public async Task <AuthenticationContextClassReference> FetchDefaultAcr(IEnumerable <string> requestedAcrValues, IEnumerable <AuthorizationRequestClaimParameter> requestedClaims, OpenIdClient openIdClient, CancellationToken cancellationToken) { var defaultAcr = await GetSupportedAcr(requestedAcrValues, cancellationToken); if (defaultAcr == null) { var acrClaim = requestedClaims.FirstOrDefault(r => r.Name == OAuthClaims.Acr); if (acrClaim != null) { defaultAcr = await GetSupportedAcr(acrClaim.Values, cancellationToken); if (defaultAcr == null && acrClaim.IsEssential) { throw new OAuthException(ErrorCodes.ACCESS_DENIED, ErrorMessages.NO_ESSENTIAL_ACR_IS_SUPPORTED); } } if (defaultAcr == null) { var acrs = new List <string>(); acrs.AddRange(openIdClient.DefaultAcrValues); acrs.Add(_options.DefaultAcrValue); defaultAcr = await GetSupportedAcr(acrs, cancellationToken); } } return(defaultAcr); }
public Task Enrich(JwsPayload jwsPayload, OpenIdClient openidClient, CancellationToken cancellationToken) { ClaimsSourceHelper.AddDistribute(jwsPayload, _distributeHttpClaimsSourceOptions.Name, _distributeHttpClaimsSourceOptions.Url, _distributeHttpClaimsSourceOptions.ApiToken, _distributeHttpClaimsSourceOptions.ClaimNames); return(Task.FromResult(0)); }
public async Task <AuthenticationContextClassReference> FetchDefaultAcr(IEnumerable <string> requestedAcrValues, OpenIdClient openidClient) { var acrs = new List <string>(); acrs.AddRange(requestedAcrValues); if (openidClient.DefaultAcrValues.Any()) { acrs.AddRange(openidClient.DefaultAcrValues); } if (!string.IsNullOrWhiteSpace(_openidHostOptions.DefaultAcrValue)) { acrs.Add(_openidHostOptions.DefaultAcrValue); } foreach (var acrValue in acrs) { var acr = await _authenticationContextClassReferenceRepository.FindACRByName(acrValue); if (acr != null) { return(acr); } } return(null); }
protected override void CheckRequestObject(JwsHeader header, JwsPayload jwsPayload, OpenIdClient openidClient, HandlerContext context) { base.CheckRequestObject(header, jwsPayload, openidClient, context); if (!jwsPayload.ContainsKey(Jwt.Constants.OAuthClaims.ExpirationTime)) { throw new OAuthException(ErrorCodes.INVALID_REQUEST, string.Format(ErrorMessages.MISSING_PARAMETER, Jwt.Constants.OAuthClaims.ExpirationTime)); } var currentDateTime = DateTime.UtcNow.ConvertToUnixTimestamp(); var exp = jwsPayload.GetExpirationTime(); if (currentDateTime > exp) { throw new OAuthException(ErrorCodes.INVALID_REQUEST_OBJECT, ErrorMessages.REQUEST_OBJECT_IS_EXPIRED); } var audiences = jwsPayload.GetAudiences(); if (audiences.Any() && !audiences.Contains(context.Request.IssuerName)) { throw new OAuthException(ErrorCodes.INVALID_REQUEST_OBJECT, ErrorMessages.REQUEST_OBJECT_BAD_AUDIENCE); } }
private void HandleOpenIDLogin() { OpenIdClient openID = new OpenIdClient(); switch (openID.RequestedMode) { case RequestedMode.IdResolution: openID.Identity = UserProfile.Current.OpenID; if (openID.ValidateResponse()) { OpenIdUser openIDUser = openID.RetrieveUser(); UserProfile.Current.OpenID = string.Empty; UserProfile.Current.Save(); CSBooster_DataContext csb = new CSBooster_DataContext(Helper.GetSiemeConnectionString()); var user = csb.hisp_DataObject_GetUserIDByOpenID(openIDUser.Identity).ElementAtOrDefault(0); if (user != null) // User exists { MembershipUser membershipUser = Membership.GetUser(user.USR_ID); if (membershipUser != null) { PerformLogin(membershipUser.UserName); } } else // User doesn't exist { string nickname = openIDUser.GetValue("openid.sreg.nickname"); string email = openIDUser.GetValue("openid.sreg.email"); string fullname = openIDUser.GetValue("openid.sreg.fullname") ?? nickname; string gender = openIDUser.GetValue("openid.sreg.gender"); string firstname = string.Empty; string lastname = string.Empty; if (!string.IsNullOrEmpty(nickname) && !string.IsNullOrEmpty(email)) { string[] splitFullname = fullname.Split(' '); if (splitFullname.Length > 0) { firstname = splitFullname[0]; } if (splitFullname.Length > 1) { lastname = splitFullname[1]; } if (DataObjectUser.CreateUser(AuthenticationType.OpenID, openIDUser.Identity, nickname, email, firstname, lastname, gender)) { PerformLogin(nickname); } } else { LitOpenIDMsg.Text = language.GetString("MessageOpenIDNoDataReceived"); } } } else { LitOpenIDMsg.Text = language.GetString("MessageOpenIDLoginNotSuccess"); } break; case RequestedMode.CanceledByUser: LitOpenIDMsg.Text = language.GetString("MessageOpenIDLoginCancel"); break; } }
protected virtual void CheckRequestObject(JwsHeader header, JwsPayload jwsPayload, OpenIdClient openidClient, HandlerContext context) { if (jwsPayload == null) { throw new OAuthException(ErrorCodes.INVALID_REQUEST, OAuth.ErrorMessages.INVALID_JWS_REQUEST_PARAMETER); } if (!string.IsNullOrWhiteSpace(openidClient.RequestObjectSigningAlg) && header.Alg != openidClient.RequestObjectSigningAlg) { throw new OAuthException(ErrorCodes.INVALID_REQUEST_OBJECT, ErrorMessages.INVALID_SIGNATURE_ALG); } if (!jwsPayload.ContainsKey(OAuth.DTOs.AuthorizationRequestParameters.ResponseType)) { throw new OAuthException(ErrorCodes.INVALID_REQUEST_OBJECT, ErrorMessages.MISSING_RESPONSE_TYPE_CLAIM); } if (!jwsPayload.ContainsKey(OAuth.DTOs.AuthorizationRequestParameters.ClientId)) { throw new OAuthException(ErrorCodes.INVALID_REQUEST_OBJECT, ErrorMessages.MISSING_CLIENT_ID_CLAIM); } if (!jwsPayload[OAuth.DTOs.AuthorizationRequestParameters.ResponseType].ToString().Split(' ').OrderBy(s => s).SequenceEqual(context.Request.RequestData.GetResponseTypesFromAuthorizationRequest().OrderBy(s => s))) { throw new OAuthException(ErrorCodes.INVALID_REQUEST_OBJECT, ErrorMessages.INVALID_RESPONSE_TYPE_CLAIM); } if (jwsPayload[OAuth.DTOs.AuthorizationRequestParameters.ClientId].ToString() != context.Client.ClientId) { throw new OAuthException(ErrorCodes.INVALID_REQUEST_OBJECT, ErrorMessages.INVALID_CLIENT_ID_CLAIM); } }
protected virtual void SetBackchannelLogoutSupported(OpenIdClient openidClient, HandlerContext handlerContext) { openidClient.BackChannelLogoutSessionRequired = handlerContext.Request.RequestData.GetBackChannelLogoutSessionRequired(); openidClient.BackChannelLogoutUri = handlerContext.Request.RequestData.GetBackChannelLogoutUri(); }
public ValidationResult(JwsPayload payload, OpenIdClient client) { Payload = payload; Client = client; }
protected override async Task <JObject> Create(HandlerContext context) { var jObj = context.Request.Data; var applicationType = GetDefaultApplicationType(jObj); var sectorIdentifierUri = jObj.GetSectorIdentifierUriFromRegisterRequest(); var subjectType = jObj.GetSubjectTypeFromRegisterRequest(); var idTokenSignedResponseAlg = jObj.GetIdTokenSignedResponseAlgFromRegisterRequest(); var idTokenEncryptedResponseAlg = jObj.GetIdTokenEncryptedResponseAlgFromRegisterRequest(); var idTokenEncryptedResponseEnc = jObj.GetIdTokenEncryptedResponseEncFromRegisterRequest(); var userInfoSignedResponseAlg = jObj.GetUserInfoSignedResponseAlgFromRegisterRequest(); var userInfoEncryptedResponseAlg = jObj.GetUserInfoEncryptedResponseAlgFromRegisterRequest(); var userInfoEncryptedResponseEnc = jObj.GetUserInfoEncryptedResponseEncFromRegisterRequest(); var requestObjectSigningAlg = jObj.GetRequestObjectSigningAlgFromRegisterRequest(); var requestObjectEncryptionAlg = jObj.GetRequestObjectEncryptionAlgFromRegisterRequest(); var requestObjectEncryptionEnc = jObj.GetRequestObjectEncryptionEncFromRegisterRequest(); var defaultMaxAge = jObj.GetDefaultMaxAgeFromRegisterRequest(); var requireAuthTime = jObj.GetRequireAuhTimeFromRegisterRequest(); var acrValues = jObj.GetDefaultAcrValuesFromRegisterRequest(); var postLogoutRedirectUris = jObj.GetPostLogoutRedirectUrisFromRegisterRequest(); if (string.IsNullOrWhiteSpace(subjectType)) { subjectType = _openIDHostOptions.DefaultSubjectType; } if (string.IsNullOrWhiteSpace(idTokenSignedResponseAlg)) { idTokenSignedResponseAlg = RSA256SignHandler.ALG_NAME; } if (defaultMaxAge == null) { defaultMaxAge = _openIDHostOptions.DefaultMaxAge; } if (requireAuthTime == null) { requireAuthTime = false; } if (!string.IsNullOrWhiteSpace(idTokenEncryptedResponseAlg) && string.IsNullOrWhiteSpace(idTokenEncryptedResponseEnc)) { idTokenEncryptedResponseEnc = A128CBCHS256EncHandler.ENC_NAME; } if (!string.IsNullOrWhiteSpace(userInfoEncryptedResponseAlg) && string.IsNullOrWhiteSpace(userInfoEncryptedResponseEnc)) { userInfoEncryptedResponseEnc = A128CBCHS256EncHandler.ENC_NAME; } if (!string.IsNullOrWhiteSpace(requestObjectEncryptionAlg) && string.IsNullOrWhiteSpace(requestObjectEncryptionEnc)) { requestObjectEncryptionEnc = A128CBCHS256EncHandler.ENC_NAME; } var openidClient = new OpenIdClient(); var result = await EnrichOAuthClient(context, openidClient); openidClient.ApplicationType = applicationType; openidClient.SectorIdentifierUri = sectorIdentifierUri; openidClient.SubjectType = subjectType; openidClient.IdTokenSignedResponseAlg = idTokenSignedResponseAlg; openidClient.IdTokenEncryptedResponseAlg = idTokenEncryptedResponseAlg; openidClient.IdTokenEncryptedResponseEnc = idTokenEncryptedResponseEnc; openidClient.UserInfoSignedResponseAlg = userInfoSignedResponseAlg; openidClient.UserInfoEncryptedResponseAlg = userInfoEncryptedResponseAlg; openidClient.UserInfoEncryptedResponseEnc = userInfoEncryptedResponseEnc; openidClient.RequestObjectSigningAlg = requestObjectSigningAlg; openidClient.RequestObjectEncryptionAlg = requestObjectEncryptionAlg; openidClient.RequestObjectEncryptionEnc = requestObjectEncryptionEnc; openidClient.DefaultMaxAge = defaultMaxAge; openidClient.RequireAuthTime = requireAuthTime.Value; openidClient.DefaultAcrValues = acrValues.ToList(); openidClient.PostLogoutRedirectUris = postLogoutRedirectUris.ToList(); OAuthClientCommandRepository.Add(openidClient); await OAuthClientCommandRepository.SaveChanges(); AddNotEmpty(result, RegisterRequestParameters.ApplicationType, applicationType); AddNotEmpty(result, RegisterRequestParameters.SectorIdentifierUri, sectorIdentifierUri); AddNotEmpty(result, RegisterRequestParameters.SubjectType, subjectType); AddNotEmpty(result, RegisterRequestParameters.IdTokenSignedResponseAlg, idTokenSignedResponseAlg); AddNotEmpty(result, RegisterRequestParameters.IdTokenEncryptedResponseAlg, idTokenEncryptedResponseAlg); AddNotEmpty(result, RegisterRequestParameters.IdTokenEncryptedResponseEnc, idTokenEncryptedResponseEnc); AddNotEmpty(result, RegisterRequestParameters.UserInfoSignedResponseAlg, userInfoSignedResponseAlg); AddNotEmpty(result, RegisterRequestParameters.UserInfoEncryptedResponseAlg, userInfoEncryptedResponseAlg); AddNotEmpty(result, RegisterRequestParameters.UserInfoEncryptedResponseEnc, userInfoEncryptedResponseEnc); AddNotEmpty(result, RegisterRequestParameters.RequestObjectSigningAlg, requestObjectSigningAlg); AddNotEmpty(result, RegisterRequestParameters.RequestObjectEncryptionAlg, requestObjectEncryptionAlg); AddNotEmpty(result, RegisterRequestParameters.RequestObjectEncryptionEnc, requestObjectEncryptionEnc); if (defaultMaxAge != null) { AddNotEmpty(result, RegisterRequestParameters.DefaultMaxAge, defaultMaxAge.Value.ToString().ToLowerInvariant()); } AddNotEmpty(result, RegisterRequestParameters.RequireAuthTime, requireAuthTime.Value.ToString().ToLowerInvariant()); AddNotEmpty(result, RegisterRequestParameters.DefaultAcrValues, acrValues); AddNotEmpty(result, RegisterRequestParameters.PostLogoutRedirectUris, postLogoutRedirectUris); return(result); }