private Client GetSPA(string name, ClientDefinition definition)
{
if (definition.RedirectUri == null ||
!Uri.TryCreate(definition.RedirectUri, UriKind.Absolute, out var redirectUri))
{
throw new InvalidOperationException($"The redirect uri " +
$"'{definition.RedirectUri}' for '{name}' is invalid. " +
$"The redirect URI must be an absolute url.");
}
if (definition.LogoutUri == null ||
!Uri.TryCreate(definition.LogoutUri, UriKind.Absolute, out var postLogouturi))
{
throw new InvalidOperationException($"The logout uri " +
$"'{definition.LogoutUri}' for '{name}' is invalid. " +
$"The logout URI must be an absolute url.");
}
if (!string.Equals(
redirectUri.GetLeftPart(UriPartial.Authority),
postLogouturi.GetLeftPart(UriPartial.Authority),
StringComparison.Ordinal))
{
throw new InvalidOperationException($"The redirect uri and the logout uri " +
$"for '{name}' have a different scheme, host or port.");
}
var client = ClientBuilder.SPA(name)
.WithRedirectUri(definition.RedirectUri)
.WithLogoutRedirectUri(definition.LogoutUri)
.WithAllowedOrigins(redirectUri.GetLeftPart(UriPartial.Authority))
.FromConfiguration();
return(client.Build());
}
private Client GetNativeApp(string name, ClientDefinition definition)
{
var client = ClientBuilder.NativeApp(name)
.FromConfiguration();
return(client.Build());
}
private Client GetLocalSPA(string name, ClientDefinition definition)
{
var client = ClientBuilder
.IdentityServerSPA(name)
.WithRedirectUri(definition.RedirectUri ?? DefaultLocalSPARelativeRedirectUri)
.WithLogoutRedirectUri(definition.LogoutUri ?? DefaultLocalSPARelativePostLogoutRedirectUri)
.WithAllowedOrigins()
.FromConfiguration();
return(client.Build());
}
private Client GetWebApplication(string name, ClientDefinition definition)
{
if (definition.RedirectUri == null ||
!Uri.TryCreate(definition.RedirectUri, UriKind.Absolute, out var redirectUri))
{
throw new InvalidOperationException($"The redirect uri " +
$"'{definition.RedirectUri}' for '{name}' is invalid. " +
$"The redirect URI must be an absolute url.");
}
if (definition.LogoutUri == null ||
!Uri.TryCreate(definition.LogoutUri, UriKind.Absolute, out var postLogouturi))
{
throw new InvalidOperationException($"The logout uri " +
$"'{definition.LogoutUri}' for '{name}' is invalid. " +
$"The logout URI must be an absolute url.");
}
if (!string.Equals(
redirectUri.GetLeftPart(UriPartial.Authority),
postLogouturi.GetLeftPart(UriPartial.Authority),
StringComparison.Ordinal))
{
throw new InvalidOperationException($"The redirect uri and the logout uri " +
$"for '{name}' have a different scheme, host or port.");
}
if (definition.ClientSecret == null)
{
throw new InvalidOperationException($"The configuration for '{name}' does not contain a client secret. " +
$"Client secrets are required for web applications.");
}
return(ClientBuilder.WebApplication(name)
.WithRedirectUri(definition.RedirectUri)
.WithLogoutRedirectUri(definition.LogoutUri)
.FromConfiguration()
.WithClientSecret(definition.ClientSecret)
.Build());
}
