Пример #1
0
        public async Task <IdentityServiceResult> ValidateScopeAsync(
            ApplicationManager <TApplication> manager,
            TApplication application,
            string scope)
        {
            var errors = new List <IdentityServiceError>();

            if (string.IsNullOrWhiteSpace(scope))
            {
                errors.Add(ErrorDescriber.InvalidScope(scope));
            }
            else if (!string.IsNullOrEmpty(manager.Options.AllowedScopeCharacters) &&
                     scope.Any(c => !manager.Options.AllowedScopeCharacters.Contains(c)))
            {
                errors.Add(ErrorDescriber.InvalidScope(scope));
            }
            else if (manager.Options.MaxScopeLength.HasValue &&
                     scope.Length > manager.Options.MaxScopeLength)
            {
                errors.Add(ErrorDescriber.InvalidScope(scope));
            }
            else
            {
                var scopes = await manager.FindScopesAsync(application);

                if (scopes != null && scopes.Contains(scope, StringComparer.OrdinalIgnoreCase))
                {
                    errors.Add(ErrorDescriber.DuplicateScope(scope));
                }
            }

            return(errors.Count > 0 ? IdentityServiceResult.Failed(errors.ToArray()) : IdentityServiceResult.Success);
        }
Пример #2
0
        public async Task <IdentityServiceResult> UpdateScopeAsync(TApplication application, string oldScope, string newScope)
        {
            var scopeStore = GetScopeStore();
            var scope      = await FindScopeAsync(application, oldScope);

            if (scope == null)
            {
                return(IdentityServiceResult.Failed(ErrorDescriber.ScopeNotFound(oldScope)));
            }

            var validation = await ValidateScopeAsync(application, newScope);

            if (!validation.Succeeded)
            {
                return(validation);
            }

            var result = await scopeStore.UpdateScopeAsync(application, oldScope, newScope, CancellationToken);

            if (!result.Succeeded)
            {
                return(result);
            }

            return(await scopeStore.UpdateAsync(application, CancellationToken));
        }
Пример #3
0
        public async Task <IdentityServiceResult> UnregisterLogoutUriAsync(TApplication application, string logoutUri)
        {
            ThrowIfDisposed();
            if (application == null)
            {
                throw new ArgumentNullException(nameof(application));
            }

            if (logoutUri == null)
            {
                throw new ArgumentNullException(nameof(logoutUri));
            }

            var redirectStore = GetRedirectUriStore();
            var registeredUri = await FindRegisteredLogoutUriAsync(application, logoutUri);

            if (registeredUri == null)
            {
                return(IdentityServiceResult.Failed(ErrorDescriber.LogoutUriNotFound(logoutUri)));
            }

            var result = await redirectStore.UnregisterLogoutRedirectUriAsync(application, logoutUri, CancellationToken);

            if (!result.Succeeded)
            {
                return(result);
            }

            return(await redirectStore.UpdateAsync(application, CancellationToken));
        }
Пример #4
0
        public async Task <IdentityServiceResult> UpdateRedirectUriAsync(TApplication application, string oldRedirectUri, string newRedirectUri)
        {
            var redirectStore = GetRedirectUriStore();

            var registeredUri = await FindRegisteredUriAsync(application, oldRedirectUri);

            if (registeredUri == null)
            {
                return(IdentityServiceResult.Failed(ErrorDescriber.RedirectUriNotFound(oldRedirectUri)));
            }

            var validation = await ValidateRedirectUriAsync(application, newRedirectUri);

            if (!validation.Succeeded)
            {
                return(validation);
            }

            var result = await redirectStore.UpdateRedirectUriAsync(application, oldRedirectUri, newRedirectUri, CancellationToken);

            if (!result.Succeeded)
            {
                return(result);
            }

            return(await redirectStore.UpdateAsync(application, CancellationToken));
        }
Пример #5
0
        public async Task <IdentityServiceResult> AddClientSecretAsync(TApplication application, string clientSecret)
        {
            ThrowIfDisposed();
            var store = GetClientSecretStore();

            if (application == null)
            {
                throw new ArgumentNullException(nameof(application));
            }

            var hash = await store.GetClientSecretHashAsync(application, CancellationToken);

            if (hash != null)
            {
                return(IdentityServiceResult.Failed(ErrorDescriber.ApplicationAlreadyHasClientSecret()));
            }

            var result = await UpdateClientSecretHashAsync(store, application, clientSecret);

            if (!result.Succeeded)
            {
                return(result);
            }

            return(await UpdateAsync(application));
        }
Пример #6
0
        public async Task <IdentityServiceResult> ValidateAsync(
            ApplicationManager <TApplication> manager,
            TApplication application)
        {
            var errors = new List <IdentityServiceError>();

            await ValidateNameAsync(manager, application, errors);
            await ValidateClientIdAsync(manager, application, errors);

            return(errors.Count > 0 ? IdentityServiceResult.Failed(errors.ToArray()) : IdentityServiceResult.Success);
        }
Пример #7
0
        public static IdentityServiceResult Failed(params IdentityServiceError[] errors)
        {
            var result = new IdentityServiceResult {
                Succeeded = false
            };

            if (errors != null)
            {
                result._errors.AddRange(errors);
            }
            return(result);
        }
Пример #8
0
        public async Task <IdentityServiceResult> ValidateRedirectUriAsync(
            ApplicationManager <TApplication> manager,
            TApplication application,
            string redirectUri)
        {
            var errors = new List <IdentityServiceError>();

            var redirectUris = await manager.FindRegisteredUrisAsync(application);

            if (redirectUris.Contains(redirectUri, StringComparer.OrdinalIgnoreCase))
            {
                errors.Add(ErrorDescriber.DuplicateRedirectUri(redirectUri));
            }

            if (!manager.Options.AllowedRedirectUris.Contains(redirectUri, StringComparer.OrdinalIgnoreCase))
            {
                if (!Uri.TryCreate(redirectUri, UriKind.Absolute, out var parsedUri))
                {
                    errors.Add(ErrorDescriber.InvalidRedirectUri(redirectUri));
                }
                else
                {
                    if (!parsedUri.Scheme.Equals("https", StringComparison.OrdinalIgnoreCase))
                    {
                        errors.Add(ErrorDescriber.NoHttpsUri(redirectUri));
                    }

                    var logoutUris = await manager.FindRegisteredUrisAsync(application);

                    var regularLogoutUris   = logoutUris.Except(manager.Options.AllowedLogoutUris, StringComparer.Ordinal);
                    var regularRedirectUris = redirectUris.Except(manager.Options.AllowedRedirectUris, StringComparer.Ordinal);

                    var allApplicationUris = regularRedirectUris.Concat(regularLogoutUris);

                    foreach (var nonSpecialUri in allApplicationUris)
                    {
                        var existingUri = new Uri(nonSpecialUri, UriKind.Absolute);
                        if (!parsedUri.Host.Equals(existingUri.Host, StringComparison.OrdinalIgnoreCase))
                        {
                            errors.Add(ErrorDescriber.DifferentDomains());
                            break;
                        }
                    }
                }
            }

            return(errors.Count > 0 ? IdentityServiceResult.Failed(errors.ToArray()) : IdentityServiceResult.Success);
        }
Пример #9
0
        public async Task <IdentityServiceResult> RemoveScopeAsync(TApplication application, string scope)
        {
            var scopeStore = GetScopeStore();
            var foundScope = await FindScopeAsync(application, scope);

            if (foundScope == null)
            {
                return(IdentityServiceResult.Failed(ErrorDescriber.ScopeNotFound(scope)));
            }

            var result = await scopeStore.RemoveScopeAsync(application, scope, CancellationToken);

            if (!result.Succeeded)
            {
                return(result);
            }

            return(await scopeStore.UpdateAsync(application, CancellationToken));
        }
Пример #10
0
        private async Task <IdentityServiceResult> ValidateApplicationAsync(TApplication application)
        {
            var errors = new List <IdentityServiceError>();

            foreach (var v in ApplicationValidators)
            {
                var result = await v.ValidateAsync(this, application);

                if (!result.Succeeded)
                {
                    errors.AddRange(result.Errors);
                }
            }

            if (errors.Count > 0)
            {
                return(IdentityServiceResult.Failed(errors.ToArray()));
            }

            return(IdentityServiceResult.Success);
        }