/// <summary>
/// Stages <paramref name="client"/> in the context's Clients set and saves it.
/// </summary>
/// <remarks>
/// The entity is stored exactly as received: this method does not validate or
/// normalise redirect URIs, secrets, scopes or any other field before saving.
/// Any such checks have to happen in the caller.
/// </remarks>
/// <param name="client">The client entity to persist.</param>
/// <returns>The same <paramref name="client"/> instance, after the save has completed.</returns>
public async Task<Client> AddClient(Client client)
{
    var clients = _context.Clients;
    clients.Add(client);

    await _context.SaveChangesAsync();

    return client;
}
/// <summary>
/// Test fixture setup: resets the client and scope stores behind <c>ConnectionString</c>
/// and seeds one known client and one known scope for the tests to work on.
/// </summary>
/// <remarks>
/// Every existing row in Clients and Scopes is deleted before seeding, so
/// <c>ConnectionString</c> must point at a database used for tests only.
/// </remarks>
public IdentityAdminCoreManagerTests()
{
    _identityAdminManagerService = new IdentityAdminManagerService("IdSvr3ConfigAdmin");

    using (var clientDb = new ClientConfigurationDbContext(ConnectionString))
    {
        // Wipe whatever a previous run left behind.
        var existingClients = clientDb.Clients.Where(p => true);
        foreach (var existing in existingClients)
        {
            clientDb.Clients.Remove(existing);
        }
        clientDb.SaveChanges();

        // Fixture values only: the URIs carry no scheme and the secret is a literal
        // placeholder string, not a hashed shared secret.
        var redirectUris = new List<ClientRedirectUri>() { new ClientRedirectUri { Id = 1, Uri = "www.redirect.com" } };
        var postLogoutUris = new List<ClientPostLogoutRedirectUri>() { new ClientPostLogoutRedirectUri { Id = 1, Uri = "www.postRedirectUri.com" } };
        var scopes = new List<ClientScope>() { new ClientScope { Scope = "read", Id = 1 } };
        var secrets = new List<ClientSecret> { new ClientSecret { Id = 1, Description = "removeMe", Type = "ssssshhh", Value = "nothing to see here" } };
        var idpRestrictions = new List<ClientIdPRestriction>() { new ClientIdPRestriction { Id = 1, Provider = "www.provideme.com" } };
        var customGrants = new List<ClientCustomGrantType> { new ClientCustomGrantType { Id = 1, GrantType = "Authorization Grant" } };
        var claims = new List<ClientClaim> { new ClientClaim { Id = 1, Value = "tester", Type = "role" } };
        var corsOrigins = new List<ClientCorsOrigin> { new ClientCorsOrigin { Id = 1, Origin = "www.CrossOriginMe.com" } };

        var seededClient = new Client
        {
            ClientId = "IdToTest",
            ClientName = _clientName,
            Enabled = true,
            Flow = Flows.Implicit,
            RequireConsent = true,
            AllowRememberConsent = true,
            RedirectUris = redirectUris,
            PostLogoutRedirectUris = postLogoutUris,
            AllowedScopes = scopes,
            AccessTokenType = AccessTokenType.Jwt,
            ClientSecrets = secrets,
            IdentityProviderRestrictions = idpRestrictions,
            AllowedCustomGrantTypes = customGrants,
            Claims = claims,
            AllowedCorsOrigins = corsOrigins
        };

        clientDb.Clients.Add(seededClient);
        clientDb.SaveChanges();

        // The database-generated key is what the tests use as the client subject.
        _clientSubject = seededClient.Id.ToString();
    }

    using (var scopeDb = new ScopeConfigurationDbContext(ConnectionString))
    {
        var existingScopes = scopeDb.Scopes.Where(p => true);
        foreach (var existing in existingScopes)
        {
            scopeDb.Scopes.Remove(existing);
        }
        scopeDb.SaveChanges();

        var scopeClaims = new List<ScopeClaim> { new ScopeClaim { Id = 1, Description = "To Test", Name = "testScope" } };
        var seededScope = new Scope { Name = _scopeName, ScopeClaims = scopeClaims };

        scopeDb.Scopes.Add(seededScope);
        scopeDb.SaveChanges();

        _scopeSubject = seededScope.Id.ToString();
    }
}
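/// <summary>
/// Registers a new authorization-code client for the tenant named in the posted form
/// and redirects to the client list.
/// </summary>
/// <param name="viewModel">
/// Posted form data. <c>TenantName</c> is copied into the client id, the display name
/// and the registered redirect URI, so it is validated before use.
/// </param>
/// <returns>
/// A redirect to Clients/Index once the client is saved; otherwise the form view with
/// the model-state errors.
/// </returns>
public async Task<ActionResult> Create(CreateClientViewModel viewModel)
{
    // TenantName comes from the request and ends up inside a registered redirect URI.
    // Anything other than a plain host-style label could add path segments, a query or
    // a fragment to that URI, so reject it here instead of storing it.
    if (ModelState.IsValid && !IsSafeTenantName(viewModel == null ? null : viewModel.TenantName))
    {
        ModelState.AddModelError("TenantName", "Tenant name may contain only letters, digits, '.' and '-', and must start and end with a letter or digit.");
    }

    if (!ModelState.IsValid)
    {
        return View(viewModel);
    }

    var client = new Client
    {
        AbsoluteRefreshTokenLifetime = 2592000,
        AccessTokenLifetime = 3600,
        // NOTE(review): this lets the client request every enabled scope. An explicit
        // AllowedScopes list would keep the grant to what the tenant integration needs.
        AllowAccessToAllScopes = true,
        // NOTE(review): presumably not required for a pure authorization-code client;
        // confirm whether tokens really need to be returned through the browser.
        AllowAccessTokensViaBrowser = true,
        AllowRememberConsent = true,
        AuthorizationCodeLifetime = 300,
        ClientId = $"https://login.microsoftonline.com/te/{viewModel.TenantName}",
        ClientName = $"{viewModel.TenantName} (Authorization Code)",
        Enabled = true,
        EnableLocalLogin = true,
        Flow = Flows.AuthorizationCode,
        IdentityTokenLifetime = 300,
        LogoutSessionRequired = true,
        PrefixClientClaims = true,
        RefreshTokenExpiration = TokenExpiration.Absolute,
        RefreshTokenUsage = TokenUsage.OneTimeOnly,
        SlidingRefreshTokenLifetime = 1296000,
        ClientSecrets = new List<ClientSecret>
        {
            // NOTE(review): every client created here shares one secret that is embedded
            // in source. It should be replaced by a per-client random secret (shown once
            // to the operator) or a value from protected configuration. Left as is
            // because the view that would have to display a generated secret is not
            // part of this method.
            new ClientSecret { Value = "abcdef".Sha256() }
        },
        RedirectUris = new List<ClientRedirectUri>
        {
            new ClientRedirectUri
            {
                Uri = $"https://login.microsoftonline.com/te/{viewModel.TenantName}/b2c_1a_base_extensions/oauth2/authresp"
            }
        }
    };

    _dbContext.Clients.Add(client);
    await _dbContext.SaveChangesAsync();

    return RedirectToAction("Index", "Clients");
}

// True when tenantName is a non-empty run of ASCII letters, digits, '.' or '-' that starts
// and ends with a letter or digit (which also rules out the "." and ".." dot segments).
private static bool IsSafeTenantName(string tenantName)
{
    if (string.IsNullOrEmpty(tenantName))
    {
        return false;
    }

    foreach (var c in tenantName)
    {
        var isAsciiAlphaNumeric = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9');
        if (!isAsciiAlphaNumeric && c != '.' && c != '-')
        {
            return false;
        }
    }

    var first = tenantName[0];
    var last = tenantName[tenantName.Length - 1];
    return first != '.' && first != '-' && last != '.' && last != '-';
}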
/// <summary>
/// Projects a client entity onto the view model used to display it.
/// </summary>
/// <param name="client">The client entity, or <c>null</c>.</param>
/// <returns>
/// <c>null</c> when <paramref name="client"/> is <c>null</c>; otherwise a view model carrying
/// the client id, the client name and, when the client has at least one redirect URI,
/// the first of them. Client secrets are not copied.
/// </returns>
private static ClientDisplayViewModel CreateClientDisplayViewModel(Client client)
{
    if (client == null)
    {
        return null;
    }

    var display = new ClientDisplayViewModel();
    display.ClientId = client.ClientId;
    display.ClientName = client.ClientName;

    // Only the first registered redirect URI is shown; the property stays unset
    // when the collection is missing or empty.
    var redirectUris = client.RedirectUris;
    var hasRedirectUri = redirectUris != null && redirectUris.Any();
    if (hasRedirectUri)
    {
        display.RedirectUri = redirectUris.First().Uri;
    }

    return display;
}
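/// <summary>
/// Seeds the two built-in clients (admin portal, CloudPlus Portal API) and the scopes
/// they use into the context. Nothing is saved here; the entities are only staged.
/// </summary>
/// <remarks>
/// Every entry is staged with AddOrUpdate so the seed can run repeatedly. The
/// "trustedAPI" scope used to be staged with a plain Add, which queued a second row
/// on every run; it now follows the same pattern as the other scopes.
/// </remarks>
/// <returns>This instance, so seed steps can be chained.</returns>
/// <exception cref="System.InvalidOperationException">
/// The CloudPlus Portal API client secret is missing or blank in configuration.
/// </exception>
public SeedUtilities SeedClients()
{
    var adminPortalRedirectUri = _configurationManager.GetByKey("AdminPortal.RedirectUri");

    var adminPortalClient = new IdentityServer3.EntityFramework.Entities.Client
    {
        ClientName = _configurationManager.GetByKey("AdminPortal.ClientName"),
        ClientId = _configurationManager.GetByKey("AdminPortal.ClientId"),
        Flow = Flows.Implicit,
        EnableLocalLogin = true,
        Enabled = true,
        AllowAccessTokensViaBrowser = true,
        RequireConsent = false,
        AllowRememberConsent = true,
        AccessTokenType = AccessTokenType.Jwt,
        AccessTokenLifetime = 3600,
        IdentityTokenLifetime = 3600,
        AuthorizationCodeLifetime = 3600,
        // refresh token settings
        AbsoluteRefreshTokenLifetime = 86400,
        SlidingRefreshTokenLifetime = 43200,
        RefreshTokenUsage = TokenUsage.OneTimeOnly,
        RefreshTokenExpiration = TokenExpiration.Sliding,
        PostLogoutRedirectUris = new List<ClientPostLogoutRedirectUri>
        {
            new ClientPostLogoutRedirectUri { Uri = _configurationManager.GetByKey("AdminPortal.PostLogoutRedirectUri") }
        },
        RedirectUris = new List<ClientRedirectUri>
        {
            new ClientRedirectUri { Uri = adminPortalRedirectUri },
            // Plain concatenation: the configured value has to end in '/' for this
            // to name the silent-renew page.
            new ClientRedirectUri { Uri = adminPortalRedirectUri + "silent.html" }
        },
        AllowedCorsOrigins = new List<ClientCorsOrigin>
        {
            // NOTE(review): this stores the full redirect URI as the CORS origin. An
            // origin is scheme + host + port with no path or trailing slash; confirm
            // the CORS policy service normalises this value, otherwise it will never
            // match a browser's Origin header.
            new ClientCorsOrigin { Origin = adminPortalRedirectUri }
        },
        AllowedScopes = new List<ClientScope>
        {
            new ClientScope { Scope = IdentityServer3.Core.Constants.StandardScopes.OpenId },
            new ClientScope { Scope = IdentityServer3.Core.Constants.StandardScopes.Email },
            new ClientScope { Scope = IdentityServer3.Core.Constants.StandardScopes.Roles },
            new ClientScope { Scope = IdentityServer3.Core.Constants.StandardScopes.Profile },
            new ClientScope { Scope = "read" },
            new ClientScope { Scope = "write" }
        }
    };

    // Fail closed: a client-credentials client must never be seeded with a blank secret.
    var portalApiSecret = _configurationManager.GetByKey("CloudPlusPortalApi.ClientSecret");
    if (string.IsNullOrWhiteSpace(portalApiSecret))
    {
        throw new System.InvalidOperationException("Configuration key 'CloudPlusPortalApi.ClientSecret' is missing or empty.");
    }

    //Client: CloudPlus Portal API
    //Client type: API
    var cloudPlusPortalApiClient = new IdentityServer3.EntityFramework.Entities.Client
    {
        ClientName = _configurationManager.GetByKey("CloudPlusPortalApi.ClientName"),
        ClientId = _configurationManager.GetByKey("CloudPlusPortalApi.ClientId"),
        Flow = Flows.ClientCredentials,
        Enabled = true,
        AccessTokenLifetime = 3600,
        AllowedScopes = new List<ClientScope>
        {
            new ClientScope { Scope = "trustedAPI" },
            new ClientScope { Scope = "read" },
            new ClientScope { Scope = "write" }
        },
        ClientSecrets = new List<ClientSecret>
        {
            // Only the SHA-256 hash of the configured secret is stored.
            new ClientSecret
            {
                Value = portalApiSecret.Sha256(),
                Type = IdentityServer3.Core.Constants.SecretTypes.SharedSecret
            }
        }
    };

    // NOTE(review): AddOrUpdate matches on ClientId and, as far as I know, copies only
    // scalar columns onto an existing row. Confirm that a rotated secret or a changed
    // redirect URI / scope list in configuration actually reaches a client that was
    // already seeded.
    _context.Clients.AddOrUpdate(x => x.ClientId, adminPortalClient);
    _context.Clients.AddOrUpdate(x => x.ClientId, cloudPlusPortalApiClient);

    _context.Scopes.AddOrUpdate(x => x.Name, BuildSeedScope(IdentityServer3.Core.Constants.StandardScopes.OpenId, ScopeType.Identity));
    _context.Scopes.AddOrUpdate(x => x.Name, BuildSeedScope(IdentityServer3.Core.Constants.StandardScopes.Profile, ScopeType.Identity));
    // NOTE(review): email and roles are seeded as Resource scopes, unlike openid and
    // profile. Kept as found; confirm this is intended.
    _context.Scopes.AddOrUpdate(x => x.Name, BuildSeedScope(IdentityServer3.Core.Constants.StandardScopes.Email, ScopeType.Resource));
    _context.Scopes.AddOrUpdate(x => x.Name, BuildSeedScope(IdentityServer3.Core.Constants.StandardScopes.Roles, ScopeType.Resource));
    // Was Scopes.Add(...): now keyed on Name like the rest, so reseeding does not duplicate it.
    _context.Scopes.AddOrUpdate(x => x.Name, BuildSeedScope("trustedAPI", ScopeType.Resource));
    _context.Scopes.AddOrUpdate(x => x.Name, BuildSeedScope("read", ScopeType.Resource));
    _context.Scopes.AddOrUpdate(x => x.Name, BuildSeedScope("write", ScopeType.Resource));

    return this;
}

// Builds an enabled, non-emphasised scope entity whose display name equals its name.
private static IdentityServer3.EntityFramework.Entities.Scope BuildSeedScope(string name, ScopeType type)
{
    return new IdentityServer3.EntityFramework.Entities.Scope
    {
        Name = name,
        DisplayName = name,
        Type = (int)type,
        Emphasize = false,
        Enabled = true
    };
}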
/// <summary>
/// Fixture constructor: empties the client and scope tables reached through
/// <c>ConnectionString</c>, then inserts one test client and one test scope and
/// remembers their generated ids.
/// </summary>
/// <remarks>
/// Destructive by design: all Clients and Scopes rows are removed first, so this must
/// only ever run against a throw-away test database.
/// </remarks>
public IdentityAdminCoreManagerTests()
{
    _identityAdminManagerService = new IdentityAdminManagerService("IdSvr3ConfigAdmin");

    using (var clientContext = new ClientConfigurationDbContext(ConnectionString))
    {
        // Clear out every client so the tests start from a known state.
        foreach (var stale in clientContext.Clients.Where(p => true))
        {
            clientContext.Clients.Remove(stale);
        }
        clientContext.SaveChanges();

        // Placeholder fixture data: scheme-less URIs and a literal, unhashed secret value.
        var fixtureClient = new Client
        {
            ClientId = "IdToTest",
            ClientName = _clientName,
            Enabled = true,
            Flow = Flows.Implicit,
            RequireConsent = true,
            AllowRememberConsent = true,
            RedirectUris = new List<ClientRedirectUri>()
            {
                new ClientRedirectUri { Id = 1, Uri = "www.redirect.com" }
            },
            PostLogoutRedirectUris = new List<ClientPostLogoutRedirectUri>()
            {
                new ClientPostLogoutRedirectUri { Id = 1, Uri = "www.postRedirectUri.com" }
            },
            AllowedScopes = new List<ClientScope>()
            {
                new ClientScope { Scope = "read", Id = 1 }
            },
            AccessTokenType = AccessTokenType.Jwt,
            ClientSecrets = new List<ClientSecret>
            {
                new ClientSecret { Id = 1, Description = "removeMe", Type = "ssssshhh", Value = "nothing to see here" }
            },
            IdentityProviderRestrictions = new List<ClientIdPRestriction>()
            {
                new ClientIdPRestriction { Id = 1, Provider = "www.provideme.com" }
            },
            AllowedCustomGrantTypes = new List<ClientCustomGrantType>
            {
                new ClientCustomGrantType { Id = 1, GrantType = "Authorization Grant" }
            },
            Claims = new List<ClientClaim>
            {
                new ClientClaim { Id = 1, Value = "tester", Type = "role" }
            },
            AllowedCorsOrigins = new List<ClientCorsOrigin>
            {
                new ClientCorsOrigin { Id = 1, Origin = "www.CrossOriginMe.com" }
            }
        };

        clientContext.Clients.Add(fixtureClient);
        clientContext.SaveChanges();

        // Id is assigned by the database during SaveChanges.
        _clientSubject = fixtureClient.Id.ToString();
    }

    using (var scopeContext = new ScopeConfigurationDbContext(ConnectionString))
    {
        foreach (var stale in scopeContext.Scopes.Where(p => true))
        {
            scopeContext.Scopes.Remove(stale);
        }
        scopeContext.SaveChanges();

        var fixtureScope = new Scope
        {
            Name = _scopeName,
            ScopeClaims = new List<ScopeClaim>
            {
                new ScopeClaim { Id = 1, Description = "To Test", Name = "testScope" }
            }
        };

        scopeContext.Scopes.Add(fixtureScope);
        scopeContext.SaveChanges();

        _scopeSubject = fixtureScope.Id.ToString();
    }
}