private void AddClients(Client ct)
{
var client = new Client <Guid>()
{
AbsoluteRefreshTokenLifetime = ct.AbsoluteRefreshTokenLifetime,
AccessTokenLifetime = ct.AccessTokenLifetime,
AccessTokenType = ct.AccessTokenType,
AllowAccessToAllGrantTypes = ct.AllowAccessToAllCustomGrantTypes,
AllowAccessToAllScopes = ct.AllowAccessToAllScopes,
AllowClientCredentialsOnly = ct.AllowClientCredentialsOnly,
AllowPromptNone = ct.AllowPromptNone,
AllowRememberConsent = ct.AllowRememberConsent,
AlwaysSendClientClaims = ct.AlwaysSendClientClaims,
AuthorizationCodeLifetime = ct.AuthorizationCodeLifetime,
ClientId = ct.ClientId,
ClientName = ct.ClientName,
ClientUri = ct.ClientUri,
EnableLocalLogin = ct.EnableLocalLogin,
Enabled = ct.Enabled,
Flow = ct.Flow,
IdentityTokenLifetime = ct.IdentityTokenLifetime,
IncludeJwtId = ct.IncludeJwtId,
LogoUri = ct.LogoUri,
LogoutSessionRequired = ct.LogoutSessionRequired,
LogoutUri = ct.LogoutUri,
PrefixClientClaims = ct.PrefixClientClaims,
RefreshTokenExpiration = ct.RefreshTokenExpiration,
RefreshTokenUsage = ct.RefreshTokenUsage,
RequireConsent = ct.RequireConsent, //设置为true会有问题?
SlidingRefreshTokenLifetime = ct.SlidingRefreshTokenLifetime,
UpdateAccessTokenOnRefresh = ct.UpdateAccessTokenClaimsOnRefresh
};
client.ClientSecrets = new List <ClientSecret <Guid> >();
client.AllowedScopes = new List <ClientScope <Guid> >();
client.RedirectUris = new List <ClientRedirectUri <Guid> >();
client.IdentityProviderRestrictions = new List <ClientProviderRestriction <Guid> >();
client.PostLogoutRedirectUris = new List <ClientPostLogoutRedirectUri <Guid> >();
client.AllowedCustomGrantTypes = new List <ClientCustomGrantType <Guid> >();
client.Claims = new List <ClientClaim <Guid> >();
client.AllowedCorsOrigins = new List <ClientCorsOrigin <Guid> >();
//Add Secrets
foreach (var secret in ct.ClientSecrets)
{
var clientSecret = new ClientSecret <Guid>()
{
Description = secret.Description,
Expiration = secret.Expiration.HasValue ? (DateTime?)secret.Expiration.Value.DateTime : null,
Type = secret.Type,
Value = secret.Value
};
client.ClientSecrets.Add(clientSecret);
}
//Add Scopes
foreach (var scope in ct.AllowedScopes)
{
var allowedScope = new ClientScope <Guid>()
{
Scope = scope
};
client.AllowedScopes.Add(allowedScope);
}
//Add RedirectUris
foreach (var redirectUri in ct.RedirectUris)
{
var clientRedirectUri = new ClientRedirectUri <Guid>()
{
Uri = redirectUri
};
client.RedirectUris.Add(clientRedirectUri);
}
//Add ProviderRestrictions
foreach (var provider in ct.IdentityProviderRestrictions)
{
var clientProviderRestriction = new ClientProviderRestriction <Guid>()
{
Provider = provider
};
client.IdentityProviderRestrictions.Add(clientProviderRestriction);
}
//Add ClientPostLogoutRedirectUri
foreach (var postLogoutRedirectUri in ct.PostLogoutRedirectUris)
{
var clientPostLogoutRedirectUri = new ClientPostLogoutRedirectUri <Guid>()
{
Uri = postLogoutRedirectUri
};
client.PostLogoutRedirectUris.Add(clientPostLogoutRedirectUri);
}
//Add ClientCustomGrantTypes
foreach (var customGrantType in ct.AllowedCustomGrantTypes)
{
var clientCustomerGrantType = new ClientCustomGrantType <Guid>()
{
GrantType = customGrantType
};
client.AllowedCustomGrantTypes.Add(clientCustomerGrantType);
}
//Add ClientClaims
foreach (var claim in ct.Claims)
{
var clientClaim = new ClientClaim <Guid>()
{
Type = claim.Type,
Value = claim.Value
};
client.Claims.Add(clientClaim);
}
//Add ClientCorsOrigins
foreach (var corsOrigin in ct.AllowedCorsOrigins)
{
var clientCorsOrigin = new ClientCorsOrigin <Guid>()
{
Origin = corsOrigin
};
client.AllowedCorsOrigins.Add(clientCorsOrigin);
}
_clientContext.Clients.Add(client);
_clientContext.SaveChanges();
}
public Result <int> Update(ClientModel model, int id)
{
try
{
var result = new Result <int>();
var existingClient = clientContext.Clients
.Where(x => x.Id == id)
.Include(x => x.AllowedScopes)
.Include(x => x.ClientSecrets)
.Include(x => x.RedirectUris)
.Include(x => x.PostLogoutRedirectUris)
.Include(x => x.AllowedCorsOrigins)
.Include(x => x.IdentityProviderRestrictions)
.Include(x => x.Claims)
.Include(x => x.AllowedCustomGrantTypes)
.SingleOrDefault();
if (existingClient == null)
{
result.Exists = false;
return(result);
}
var duplicateClientId = clientContext.Clients
.Where(x => x.ClientId == model.ClientId)
.FirstOrDefault();
if (duplicateClientId != null && duplicateClientId.Id != id)
{
throw new Exception("pre-existing clientid");
}
clientContext.Entry(existingClient).CurrentValues.SetValues(model); // copy all values from object
#region Update related properties
var exRedirectUris = existingClient.RedirectUris.ToList();
//delete redirect uri's that have been removed
foreach (var item in exRedirectUris)
{
if (!model.RedirectUris.Any(x => x.Id == item.Id))
{
existingClient.RedirectUris.Remove(item);
}
}
if (model.RedirectUris != null && model.RedirectUris.Any())
{
//update and add new uris
foreach (var item in model.RedirectUris)
{
var exRedirectUri = existingClient.RedirectUris.FirstOrDefault(x => x.Id == item.Id);
if (exRedirectUri != null)
{
clientContext.Entry(exRedirectUri).CurrentValues.SetValues(item);
}
else
{
var redirectUri = new ClientRedirectUri
{
Uri = item.Uri,
};
existingClient.RedirectUris.Add(redirectUri);
}
}
}
//delete post redirect uri's that have been removed
var exPostRedirectUris = existingClient.PostLogoutRedirectUris.ToList();
foreach (var item in exPostRedirectUris)
{
if (!model.PostLogoutRedirectUris.Any(x => x.Id == item.Id))
{
existingClient.PostLogoutRedirectUris.Remove(item);
}
}
if (model.PostLogoutRedirectUris != null && model.PostLogoutRedirectUris.Any())
{
foreach (var item in model.PostLogoutRedirectUris)
{
var exPostRedirectUri = existingClient.PostLogoutRedirectUris.FirstOrDefault(x => x.Id == item.Id);
if (exPostRedirectUri != null)
{
clientContext.Entry(exPostRedirectUri).CurrentValues.SetValues(item);
}
else
{
var postRedirectUri = new ClientPostLogoutRedirectUri
{
Uri = item.Uri,
};
existingClient.PostLogoutRedirectUris.Add(postRedirectUri);
}
}
}
//update and add new post redirect uris
var exIdProvRestrictions = existingClient.IdentityProviderRestrictions.ToList();
foreach (var item in exIdProvRestrictions)
{
if (!model.IdentityProviderRestrictions.Any(x => x.Id == item.Id))
{
existingClient.IdentityProviderRestrictions.Remove(item);
}
}
if (model.IdentityProviderRestrictions != null && model.IdentityProviderRestrictions.Any())
{
foreach (var item in model.IdentityProviderRestrictions)
{
var exIdProvRestriction = existingClient.IdentityProviderRestrictions.FirstOrDefault(x => x.Id == item.Id);
if (exIdProvRestriction != null)
{
clientContext.Entry(exIdProvRestriction).CurrentValues.SetValues(item);
}
else
{
var IdentityProvRestriction = new ClientIdPRestriction
{
Provider = item.Provider,
};
existingClient.IdentityProviderRestrictions.Add(exIdProvRestriction);
}
}
}
//update and add new post redirect uris
//delete post redirect uri's that have been removed
//delete allowed scopes that have been removed
var exScopes = existingClient.AllowedScopes.ToList();
foreach (var item in exScopes)
{
if (!model.AllowedScopes.Any(x => x.Id == item.Id))
{
existingClient.AllowedScopes.Remove(item);
}
}
if (model.AllowedScopes != null && model.AllowedScopes.Any())
{
foreach (var item in model.AllowedScopes)
{
var exScope = existingClient.AllowedScopes.FirstOrDefault(x => x.Id == item.Id);
if (exScope != null)
{
clientContext.Entry(exScope).CurrentValues.SetValues(item);
}
else
{
var newScope = new ClientScope
{
Scope = item.Scope,
};
existingClient.AllowedScopes.Add(newScope);
}
}
}
//delete client claims that have been removed
var exClaims = existingClient.Claims.ToList();
foreach (var item in exClaims)
{
if (!model.Claims.Any(x => x.Id == item.Id))
{
existingClient.Claims.Remove(item);
}
}
if (model.Claims != null && model.Claims.Any())
{
//update and add new post redirect uris
foreach (var item in model.Claims)
{
var exClaim = existingClient.Claims.FirstOrDefault(x => x.Id == item.Id);
if (exClaim != null)
{
clientContext.Entry(exClaim).CurrentValues.SetValues(item);
}
else
{
var newClaim = new ClientClaim
{
Type = item.Type,
Value = item.Value
};
existingClient.Claims.Add(newClaim);
}
}
}
//delete client claims that have been removed
var exAllowedCors = existingClient.AllowedCorsOrigins.ToList();
foreach (var item in exAllowedCors)
{
if (!model.AllowedCorsOrigins.Any(x => x.Id == item.Id))
{
existingClient.AllowedCorsOrigins.Remove(item);
}
}
if (model.AllowedCorsOrigins != null && model.AllowedCorsOrigins.Any())
{
//update and add new post redirect uris
foreach (var item in model.AllowedCorsOrigins)
{
var exAllowedCor = existingClient.AllowedCorsOrigins.FirstOrDefault(x => x.Id == item.Id);
if (exAllowedCor != null)
{
clientContext.Entry(exAllowedCor).CurrentValues.SetValues(item);
}
else
{
var newClientCor = new ClientCorsOrigin
{
Origin = item.Origin
};
existingClient.AllowedCorsOrigins.Add(newClientCor);
}
}
}
//delete custom grant types that have been removed
var exCustomGrants = existingClient.AllowedCustomGrantTypes.ToList();
foreach (var item in exCustomGrants)
{
if (!model.AllowedCustomGrantTypes.Any(x => x.Id == item.Id))
{
existingClient.AllowedCustomGrantTypes.Remove(item);
}
}
if (model.AllowedCustomGrantTypes != null && model.AllowedCustomGrantTypes.Any())
{
//update and add new post redirect uris
foreach (var item in model.AllowedCustomGrantTypes)
{
var exCustomGrant = existingClient.AllowedCustomGrantTypes.FirstOrDefault(x => x.Id == item.Id);
if (exCustomGrant != null)
{
clientContext.Entry(exCustomGrant).CurrentValues.SetValues(item);
}
else
{
var newCustomGrant = new ClientCustomGrantType
{
GrantType = item.GrantType
};
existingClient.AllowedCustomGrantTypes.Add(newCustomGrant);
}
}
}
//delete custom grant types that have been removed
var exSecrets = existingClient.ClientSecrets.ToList();
foreach (var item in exSecrets)
{
if (!model.ClientSecrets.Any(x => x.Id == item.Id))
{
existingClient.ClientSecrets.Remove(item);
}
}
if (model.ClientSecrets != null && model.ClientSecrets.Any())
{
//update and add new post redirect uris
foreach (var item in model.ClientSecrets)
{
var exSecret = existingClient.ClientSecrets.FirstOrDefault(x => x.Id == item.Id);
if (exSecret != null)
{
exSecret.Value = exSecret.Value;
clientContext.Entry(exSecret).CurrentValues.SetValues(item);
}
else
{
var newSecret = new ClientSecret
{
Type = item.Type,
Value = item.Value.Sha256(),
Expiration = item.Expiration,
Description = item.Description,
};
existingClient.ClientSecrets.Add(newSecret);
}
}
}
#endregion
clientContext.SaveChanges();
result.Exists = true;
result.Response = existingClient.Id;
result.CustomValue = existingClient.ClientName;
return(result);
}
catch (Exception ex)
{
ErrorLogger.Log(ex);
throw;
}
}
