protected virtual Task AddParametersToRequestAsync(IdentityClientConfiguration configuration, ProtocolRequest request)
{
foreach (var pair in configuration.Where(p => p.Key.StartsWith("[o]", StringComparison.OrdinalIgnoreCase)))
{
request.Parameters[pair.Key] = pair.Value;
}
return(Task.CompletedTask);
}
protected virtual async Task <DiscoveryDocumentResponse> GetDiscoveryResponse(
IdentityClientConfiguration configuration)
{
using (var httpClient = new HttpClient())
{
return(await httpClient.GetDiscoveryDocumentAsync(new DiscoveryDocumentRequest
{
Address = configuration.Authority,
Policy =
{
RequireHttps = configuration.RequireHttps
}
}));
}
}
protected virtual Task <ClientCredentialsTokenRequest> CreateClientCredentialsTokenRequestAsync(
DiscoveryDocumentResponse discoveryResponse,
IdentityClientConfiguration configuration)
{
var request = new ClientCredentialsTokenRequest
{
Address = discoveryResponse.TokenEndpoint,
Scope = configuration.Scope,
ClientId = configuration.ClientId,
ClientSecret = configuration.ClientSecret
};
AddParametersToRequestAsync(configuration, request);
return(Task.FromResult(request));
}
protected virtual async Task <DiscoveryDocumentResponse> GetDiscoveryResponse(
IdentityClientConfiguration configuration)
{
using (var httpClient = HttpClientFactory.CreateClient(HttpClientName))
{
var request = new DiscoveryDocumentRequest
{
Address = configuration.Authority,
Policy =
{
RequireHttps = configuration.RequireHttps
}
};
IdentityModelHttpRequestMessageOptions.ConfigureHttpRequestMessage?.Invoke(request);
return(await httpClient.GetDiscoveryDocumentAsync(request));
}
}
public virtual async Task <string> GetAccessTokenAsync(IdentityClientConfiguration configuration)
{
var discoveryResponse = await GetDiscoveryResponse(configuration);
if (discoveryResponse.IsError)
{
throw new AbpException($"Could not retrieve the OpenId Connect discovery document! ErrorType: {discoveryResponse.ErrorType}. Error: {discoveryResponse.Error}");
}
var tokenResponse = await GetTokenResponse(discoveryResponse, configuration);
if (tokenResponse.IsError)
{
throw new AbpException($"Could not get token from the OpenId Connect server! ErrorType: {tokenResponse.ErrorType}. Error: {tokenResponse.Error}. ErrorDescription: {tokenResponse.ErrorDescription}. HttpStatusCode: {tokenResponse.HttpStatusCode}");
}
return(tokenResponse.AccessToken);
}
protected virtual async Task <TokenResponse> GetTokenResponse(
DiscoveryResponse discoveryResponse,
IdentityClientConfiguration configuration)
{
using (var httpClient = new HttpClient())
{
switch (configuration.GrantType)
{
case OidcConstants.GrantTypes.ClientCredentials:
return(await httpClient.RequestClientCredentialsTokenAsync(
new ClientCredentialsTokenRequest
{
Address = discoveryResponse.TokenEndpoint,
Scope = configuration.Scope,
ClientId = configuration.ClientId,
ClientSecret = configuration.ClientSecret
},
CancellationTokenProvider.Token
));
case OidcConstants.GrantTypes.Password:
return(await httpClient.RequestPasswordTokenAsync(
new PasswordTokenRequest
{
Address = discoveryResponse.TokenEndpoint,
Scope = configuration.Scope,
ClientId = configuration.ClientId,
ClientSecret = configuration.ClientSecret,
UserName = configuration.UserName,
Password = configuration.UserPassword
},
CancellationTokenProvider.Token
));
default:
throw new AbpException("Grant type was not implemented: " + configuration.GrantType);
}
}
}
protected virtual string CalculateTokenCacheKey(IdentityClientConfiguration configuration)
{
return(IdentityModelTokenCacheItem.CalculateCacheKey(configuration));
}
protected virtual string CalculateDiscoveryDocumentCacheKey(IdentityClientConfiguration configuration)
{
return(IdentityModelDiscoveryDocumentCacheItem.CalculateCacheKey(configuration));
}
protected virtual Task <ClientCredentialsTokenRequest> CreateClientCredentialsTokenRequestAsync(string tokenEndpoint, IdentityClientConfiguration configuration)
{
var request = new ClientCredentialsTokenRequest
{
Address = tokenEndpoint,
Scope = configuration.Scope,
ClientId = configuration.ClientId,
ClientSecret = configuration.ClientSecret
};
IdentityModelHttpRequestMessageOptions.ConfigureHttpRequestMessage?.Invoke(request);
AddParametersToRequestAsync(configuration, request);
return(Task.FromResult(request));
}
protected virtual async Task <DiscoveryResponse> GetDiscoveryResponse(IdentityClientConfiguration configuration)
{
return(await DiscoveryClient.GetAsync(configuration.Authority));
}
protected virtual async Task <TokenResponse> GetTokenResponse(DiscoveryResponse discoveryResponse, IdentityClientConfiguration configuration)
{
//TODO: Pass cancellation token
var tokenClient = new TokenClient(discoveryResponse.TokenEndpoint, configuration.ClientId, configuration.ClientSecret);
switch (configuration.GrantType)
{
case OidcConstants.GrantTypes.ClientCredentials:
return(await tokenClient.RequestClientCredentialsAsync(
configuration.Scope
));
case OidcConstants.GrantTypes.Password:
return(await tokenClient.RequestResourceOwnerPasswordAsync(
configuration.UserName,
configuration.UserPassword,
configuration.Scope
));
default:
throw new AbpException("Grant type was not implemented: " + configuration.GrantType);
}
}
public static string CalculateCacheKey(IdentityClientConfiguration configuration)
{
return(string.Join(",", configuration.Select(x => x.Key + ":" + x.Value)).ToMd5());
}
protected virtual Task <PasswordTokenRequest> CreatePasswordTokenRequestAsync(DiscoveryResponse discoveryResponse, IdentityClientConfiguration configuration)
{
var request = new PasswordTokenRequest
{
Address = discoveryResponse.TokenEndpoint,
Scope = configuration.Scope,
ClientId = configuration.ClientId,
ClientSecret = configuration.ClientSecret,
UserName = configuration.UserName,
Password = configuration.UserPassword
};
AddParametersToRequestAsync(configuration, request);
return(Task.FromResult(request));
}
public static string CalculateCacheKey(IdentityClientConfiguration configuration)
{
return(configuration.Authority.ToLower().ToMd5());
}
