Browse Source
Merge pull request #2012 from erjain/net7-duende-fix
update to Net7 and Duende IdentityServer 6.2pull/2044/head
Tarun Jain
2 years ago
committed by
GitHub
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
187 changed files with 3149 additions and 5070 deletions
Split View
Diff Options
-
+1 -1.github/workflows/catalog-api.yml
-
+1 -1.github/workflows/ordering-api.yml
-
+2 -2src/ApiGateways/Mobile.Bff.Shopping/aggregator/Dockerfile
-
+1 -1src/ApiGateways/Mobile.Bff.Shopping/aggregator/Dockerfile.develop
-
+1 -0src/ApiGateways/Mobile.Bff.Shopping/aggregator/GlobalUsings.cs
-
+14 -13src/ApiGateways/Mobile.Bff.Shopping/aggregator/Mobile.Shopping.HttpAggregator.csproj
-
+21 -2src/ApiGateways/Mobile.Bff.Shopping/aggregator/Startup.cs
-
+2 -2src/ApiGateways/Web.Bff.Shopping/aggregator/Dockerfile
-
+1 -1src/ApiGateways/Web.Bff.Shopping/aggregator/Dockerfile.develop
-
+1 -0src/ApiGateways/Web.Bff.Shopping/aggregator/GlobalUsings.cs
-
+11 -9src/ApiGateways/Web.Bff.Shopping/aggregator/Startup.cs
-
+15 -14src/ApiGateways/Web.Bff.Shopping/aggregator/Web.Shopping.HttpAggregator.csproj
-
+3 -3src/BuildingBlocks/Devspaces.Support/Devspaces.Support.csproj
-
+4 -4src/BuildingBlocks/EventBus/EventBus.Tests/EventBus.Tests.csproj
-
+1 -1src/BuildingBlocks/EventBus/EventBus/EventBus.csproj
-
+5 -5src/BuildingBlocks/EventBus/EventBusRabbitMQ/EventBusRabbitMQ.csproj
-
+4 -4src/BuildingBlocks/EventBus/EventBusServiceBus/EventBusServiceBus.csproj
-
+5 -5src/BuildingBlocks/EventBus/IntegrationEventLogEF/IntegrationEventLogEF.csproj
-
+8 -8src/BuildingBlocks/WebHostCustomization/WebHost.Customization/WebHost.Customization.csproj
-
+28 -27src/Services/Basket/Basket.API/Basket.API.csproj
-
+2 -2src/Services/Basket/Basket.API/Dockerfile
-
+1 -1src/Services/Basket/Basket.API/Dockerfile.develop
-
+2 -1src/Services/Basket/Basket.API/GlobalUsings.cs
-
+1 -1src/Services/Basket/Basket.API/Program.cs
-
+13 -6src/Services/Basket/Basket.API/Startup.cs
-
+8 -8src/Services/Basket/Basket.FunctionalTests/Basket.FunctionalTests.csproj
-
+9 -9src/Services/Basket/Basket.UnitTests/Basket.UnitTests.csproj
-
+33 -30src/Services/Catalog/Catalog.API/Catalog.API.csproj
-
+2 -2src/Services/Catalog/Catalog.API/Dockerfile
-
+1 -1src/Services/Catalog/Catalog.API/Dockerfile.develop
-
+1 -1src/Services/Catalog/Catalog.API/Program.cs
-
+6 -6src/Services/Catalog/Catalog.FunctionalTests/Catalog.FunctionalTests.csproj
-
+7 -7src/Services/Catalog/Catalog.UnitTests/Catalog.UnitTests.csproj
-
+0 -31src/Services/Identity/Identity.API/Certificate/Certificate.cs
-
BINsrc/Services/Identity/Identity.API/Certificate/idsrv3test.pfx
-
+48 -32src/Services/Identity/Identity.API/Configuration/Config.cs
-
+0 -299src/Services/Identity/Identity.API/Controllers/AccountController.cs
-
+0 -131src/Services/Identity/Identity.API/Controllers/ConsentController.cs
-
+0 -46src/Services/Identity/Identity.API/Controllers/HomeController.cs
-
+12 -13src/Services/Identity/Identity.API/Data/ApplicationDbContext.cs
-
+0 -218src/Services/Identity/Identity.API/Data/ApplicationDbContextSeed.cs
-
+0 -73src/Services/Identity/Identity.API/Data/ConfigurationDbContextSeed.cs
-
+10 -10src/Services/Identity/Identity.API/Data/Migrations/20210914100206_InitialMigration.Designer.cs
-
+1 -1src/Services/Identity/Identity.API/Data/Migrations/20210914100206_InitialMigration.cs
-
+9 -9src/Services/Identity/Identity.API/Data/Migrations/ApplicationDbContextModelSnapshot.cs
-
+2 -2src/Services/Identity/Identity.API/Devspaces/DevspacesRedirectUriValidator.cs
-
+2 -2src/Services/Identity/Identity.API/Dockerfile
-
+1 -1src/Services/Identity/Identity.API/Dockerfile.develop
-
+0 -46src/Services/Identity/Identity.API/Extensions/LinqSelectExtensions.cs
-
+0 -20src/Services/Identity/Identity.API/Factories/ApplicationDbContextFactory.cs
-
+0 -21src/Services/Identity/Identity.API/Factories/ConfigurationDbContextFactory.cs
-
+0 -21src/Services/Identity/Identity.API/Factories/PersistedGrantDbContextFactory.cs
-
+14 -14src/Services/Identity/Identity.API/GlobalUsings.cs
-
+60 -52src/Services/Identity/Identity.API/Identity.API.csproj
-
+0 -911src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20210813072543_InitialMigration.Designer.cs
-
+0 -607src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20210813072543_InitialMigration.cs
-
+0 -909src/Services/Identity/Identity.API/Migrations/ConfigurationDb/ConfigurationDbContextModelSnapshot.cs
-
+0 -108src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20210813072513_InitialMigration.Designer.cs
-
+0 -75src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20210813072513_InitialMigration.cs
-
+0 -106src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/PersistedGrantDbContextModelSnapshot.cs
-
+0 -10src/Services/Identity/Identity.API/Models/AccountViewModels/ConsentInputModel.cs
-
+0 -61src/Services/Identity/Identity.API/Models/AccountViewModels/ConsentViewModel.cs
-
+7 -0src/Services/Identity/Identity.API/Models/AccountViewModels/RedirectViewModel.cs
-
+13 -0src/Services/Identity/Identity.API/Models/ConsentViewModels/ConsentInputModel.cs
-
+12 -0src/Services/Identity/Identity.API/Models/ConsentViewModels/ConsentOptions.cs
-
+15 -0src/Services/Identity/Identity.API/Models/ConsentViewModels/ConsentViewModel.cs
-
+17 -0src/Services/Identity/Identity.API/Models/ConsentViewModels/ProcessConsentResult.cs
-
+12 -0src/Services/Identity/Identity.API/Models/ConsentViewModels/ScopeViewModel.cs
-
+58 -54src/Services/Identity/Identity.API/Program.cs
-
+117 -0src/Services/Identity/Identity.API/ProgramExtensions.cs
-
+341 -0src/Services/Identity/Identity.API/Quickstart/Account/AccountController.cs
-
+16 -0src/Services/Identity/Identity.API/Quickstart/Account/AccountOptions.cs
-
+238 -0src/Services/Identity/Identity.API/Quickstart/Account/ExternalController.cs
-
+10 -0src/Services/Identity/Identity.API/Quickstart/Account/ExternalProvider.cs
-
+18 -0src/Services/Identity/Identity.API/Quickstart/Account/LoggedOutViewModel.cs
-
+15 -0src/Services/Identity/Identity.API/Quickstart/Account/LoginInputModel.cs
-
+17 -0src/Services/Identity/Identity.API/Quickstart/Account/LoginViewModel.cs
-
+10 -0src/Services/Identity/Identity.API/Quickstart/Account/LogoutInputModel.cs
-
+10 -0src/Services/Identity/Identity.API/Quickstart/Account/LogoutViewModel.cs
-
+11 -0src/Services/Identity/Identity.API/Quickstart/Account/RedirectViewModel.cs
-
+247 -0src/Services/Identity/Identity.API/Quickstart/Consent/ConsentController.cs
-
+14 -0src/Services/Identity/Identity.API/Quickstart/Consent/ConsentInputModel.cs
-
+15 -0src/Services/Identity/Identity.API/Quickstart/Consent/ConsentOptions.cs
-
+16 -0src/Services/Identity/Identity.API/Quickstart/Consent/ConsentViewModel.cs
-
+17 -0src/Services/Identity/Identity.API/Quickstart/Consent/ProcessConsentResult.cs
-
+15 -0src/Services/Identity/Identity.API/Quickstart/Consent/ScopeViewModel.cs
-
+10 -0src/Services/Identity/Identity.API/Quickstart/Device/DeviceAuthorizationInputModel.cs
-
+11 -0src/Services/Identity/Identity.API/Quickstart/Device/DeviceAuthorizationViewModel.cs
-
+214 -0src/Services/Identity/Identity.API/Quickstart/Device/DeviceController.cs
-
+22 -0src/Services/Identity/Identity.API/Quickstart/Diagnostics/DiagnosticsController.cs
-
+28 -0src/Services/Identity/Identity.API/Quickstart/Diagnostics/DiagnosticsViewModel.cs
-
+22 -0src/Services/Identity/Identity.API/Quickstart/Extensions.cs
-
+85 -0src/Services/Identity/Identity.API/Quickstart/Grants/GrantsController.cs
-
+23 -0src/Services/Identity/Identity.API/Quickstart/Grants/GrantsViewModel.cs
-
+18 -0src/Services/Identity/Identity.API/Quickstart/Home/ErrorViewModel.cs
-
+63 -0src/Services/Identity/Identity.API/Quickstart/Home/HomeController.cs
-
+52 -0src/Services/Identity/Identity.API/Quickstart/SecurityHeadersAttribute.cs
-
+124 -0src/Services/Identity/Identity.API/SeedData.cs
-
+0 -2src/Services/Identity/Identity.API/Setup/Users.csv
-
BINsrc/Services/Identity/Identity.API/Setup/images.zip
+ 1
- 1
.github/workflows/catalog-api.yml
View File
+ 1
- 1
.github/workflows/ordering-api.yml
View File
+ 2
- 2
src/ApiGateways/Mobile.Bff.Shopping/aggregator/Dockerfile
View File
+ 1
- 1
src/ApiGateways/Mobile.Bff.Shopping/aggregator/Dockerfile.develop
View File
+ 1
- 0
src/ApiGateways/Mobile.Bff.Shopping/aggregator/GlobalUsings.cs
View File
+ 14
- 13
src/ApiGateways/Mobile.Bff.Shopping/aggregator/Mobile.Shopping.HttpAggregator.csproj
View File
+ 21
- 2
src/ApiGateways/Mobile.Bff.Shopping/aggregator/Startup.cs
View File
+ 2
- 2
src/ApiGateways/Web.Bff.Shopping/aggregator/Dockerfile
View File
+ 1
- 1
src/ApiGateways/Web.Bff.Shopping/aggregator/Dockerfile.develop
View File
+ 1
- 0
src/ApiGateways/Web.Bff.Shopping/aggregator/GlobalUsings.cs
View File
+ 11
- 9
src/ApiGateways/Web.Bff.Shopping/aggregator/Startup.cs
View File
+ 15
- 14
src/ApiGateways/Web.Bff.Shopping/aggregator/Web.Shopping.HttpAggregator.csproj
View File
+ 3
- 3
src/BuildingBlocks/Devspaces.Support/Devspaces.Support.csproj
View File
| @ -1,11 +1,11 @@ | |||
| <Project Sdk="Microsoft.NET.Sdk"> | |||
| <PropertyGroup> | |||
| <TargetFramework>net6.0</TargetFramework> | |||
| <TargetFramework>net7.0</TargetFramework> | |||
| </PropertyGroup> | |||
| <ItemGroup> | |||
| <PackageReference Include="Microsoft.AspNetCore.Http.Abstractions" Version="2.2.0" /> | |||
| <PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="6.0.0" /> | |||
| <PackageReference Include="Microsoft.Extensions.Http" Version="6.0.0" /> | |||
| <PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="7.0.0" /> | |||
| <PackageReference Include="Microsoft.Extensions.Http" Version="7.0.0" /> | |||
| </ItemGroup> | |||
| </Project> | |||
+ 4
- 4
src/BuildingBlocks/EventBus/EventBus.Tests/EventBus.Tests.csproj
View File
+ 1
- 1
src/BuildingBlocks/EventBus/EventBus/EventBus.csproj
View File
+ 5
- 5
src/BuildingBlocks/EventBus/EventBusRabbitMQ/EventBusRabbitMQ.csproj
View File
+ 4
- 4
src/BuildingBlocks/EventBus/EventBusServiceBus/EventBusServiceBus.csproj
View File
+ 5
- 5
src/BuildingBlocks/EventBus/IntegrationEventLogEF/IntegrationEventLogEF.csproj
View File
+ 8
- 8
src/BuildingBlocks/WebHostCustomization/WebHost.Customization/WebHost.Customization.csproj
View File
+ 28
- 27
src/Services/Basket/Basket.API/Basket.API.csproj
View File
+ 2
- 2
src/Services/Basket/Basket.API/Dockerfile
View File
+ 1
- 1
src/Services/Basket/Basket.API/Dockerfile.develop
View File
+ 2
- 1
src/Services/Basket/Basket.API/GlobalUsings.cs
View File
+ 1
- 1
src/Services/Basket/Basket.API/Program.cs
View File
+ 13
- 6
src/Services/Basket/Basket.API/Startup.cs
View File
+ 8
- 8
src/Services/Basket/Basket.FunctionalTests/Basket.FunctionalTests.csproj
View File
+ 9
- 9
src/Services/Basket/Basket.UnitTests/Basket.UnitTests.csproj
View File
+ 33
- 30
src/Services/Catalog/Catalog.API/Catalog.API.csproj
View File
+ 2
- 2
src/Services/Catalog/Catalog.API/Dockerfile
View File
+ 1
- 1
src/Services/Catalog/Catalog.API/Dockerfile.develop
View File
+ 1
- 1
src/Services/Catalog/Catalog.API/Program.cs
View File
+ 6
- 6
src/Services/Catalog/Catalog.FunctionalTests/Catalog.FunctionalTests.csproj
View File
+ 7
- 7
src/Services/Catalog/Catalog.UnitTests/Catalog.UnitTests.csproj
View File
+ 0
- 31
src/Services/Identity/Identity.API/Certificate/Certificate.cs
View File
| @ -1,31 +0,0 @@ | |||
| namespace Microsoft.eShopOnContainers.Services.Identity.API.Certificates | |||
| { | |||
| static class Certificate | |||
| { | |||
| public static X509Certificate2 Get() | |||
| { | |||
| var assembly = typeof(Certificate).GetTypeInfo().Assembly; | |||
| var names = assembly.GetManifestResourceNames(); | |||
| /*********************************************************************************************** | |||
| * Please note that here we are using a local certificate only for testing purposes. In a | |||
| * real environment the certificate should be created and stored in a secure way, which is out | |||
| * of the scope of this project. | |||
| **********************************************************************************************/ | |||
| using var stream = assembly.GetManifestResourceStream("Identity.API.Certificate.idsrv3test.pfx"); | |||
| return new X509Certificate2(ReadStream(stream), "idsrv3test"); | |||
| } | |||
| private static byte[] ReadStream(Stream input) | |||
| { | |||
| byte[] buffer = new byte[16 * 1024]; | |||
| using MemoryStream ms = new MemoryStream(); | |||
| int read; | |||
| while ((read = input.Read(buffer, 0, buffer.Length)) > 0) | |||
| { | |||
| ms.Write(buffer, 0, read); | |||
| } | |||
| return ms.ToArray(); | |||
| } | |||
| } | |||
| } | |||
BIN
src/Services/Identity/Identity.API/Certificate/idsrv3test.pfx
View File
+ 48
- 32
src/Services/Identity/Identity.API/Configuration/Config.cs
View File
+ 0
- 299
src/Services/Identity/Identity.API/Controllers/AccountController.cs
View File
| @ -1,299 +0,0 @@ | |||
| namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers | |||
| { | |||
| /// <summary> | |||
| /// This sample controller implements a typical login/logout/provision workflow for local accounts. | |||
| /// The login service encapsulates the interactions with the user data store. This data store is in-memory only and cannot be used for production! | |||
| /// The interaction service provides a way for the UI to communicate with identityserver for validation and context retrieval | |||
| /// </summary> | |||
| public class AccountController : Controller | |||
| { | |||
| //private readonly InMemoryUserLoginService _loginService; | |||
| private readonly ILoginService<ApplicationUser> _loginService; | |||
| private readonly IIdentityServerInteractionService _interaction; | |||
| private readonly IClientStore _clientStore; | |||
| private readonly ILogger<AccountController> _logger; | |||
| private readonly UserManager<ApplicationUser> _userManager; | |||
| private readonly IConfiguration _configuration; | |||
| public AccountController( | |||
| //InMemoryUserLoginService loginService, | |||
| ILoginService<ApplicationUser> loginService, | |||
| IIdentityServerInteractionService interaction, | |||
| IClientStore clientStore, | |||
| ILogger<AccountController> logger, | |||
| UserManager<ApplicationUser> userManager, | |||
| IConfiguration configuration) | |||
| { | |||
| _loginService = loginService; | |||
| _interaction = interaction; | |||
| _clientStore = clientStore; | |||
| _logger = logger; | |||
| _userManager = userManager; | |||
| _configuration = configuration; | |||
| } | |||
| /// <summary> | |||
| /// Show login page | |||
| /// </summary> | |||
| [HttpGet] | |||
| public async Task<IActionResult> Login(string returnUrl) | |||
| { | |||
| var context = await _interaction.GetAuthorizationContextAsync(returnUrl); | |||
| if (context?.IdP != null) | |||
| { | |||
| throw new NotImplementedException("External login is not implemented!"); | |||
| } | |||
| var vm = await BuildLoginViewModelAsync(returnUrl, context); | |||
| ViewData["ReturnUrl"] = returnUrl; | |||
| return View(vm); | |||
| } | |||
| /// <summary> | |||
| /// Handle postback from username/password login | |||
| /// </summary> | |||
| [HttpPost] | |||
| [ValidateAntiForgeryToken] | |||
| public async Task<IActionResult> Login(LoginViewModel model) | |||
| { | |||
| if (ModelState.IsValid) | |||
| { | |||
| var user = await _loginService.FindByUsername(model.Email); | |||
| if (await _loginService.ValidateCredentials(user, model.Password)) | |||
| { | |||
| var tokenLifetime = _configuration.GetValue("TokenLifetimeMinutes", 120); | |||
| var props = new AuthenticationProperties | |||
| { | |||
| ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(tokenLifetime), | |||
| AllowRefresh = true, | |||
| RedirectUri = model.ReturnUrl | |||
| }; | |||
| if (model.RememberMe) | |||
| { | |||
| var permanentTokenLifetime = _configuration.GetValue("PermanentTokenLifetimeDays", 365); | |||
| props.ExpiresUtc = DateTimeOffset.UtcNow.AddDays(permanentTokenLifetime); | |||
| props.IsPersistent = true; | |||
| }; | |||
| await _loginService.SignInAsync(user, props); | |||
| // make sure the returnUrl is still valid, and if yes - redirect back to authorize endpoint | |||
| if (_interaction.IsValidReturnUrl(model.ReturnUrl)) | |||
| { | |||
| return Redirect(model.ReturnUrl); | |||
| } | |||
| return Redirect("~/"); | |||
| } | |||
| ModelState.AddModelError("", "Invalid username or password."); | |||
| } | |||
| // something went wrong, show form with error | |||
| var vm = await BuildLoginViewModelAsync(model); | |||
| ViewData["ReturnUrl"] = model.ReturnUrl; | |||
| return View(vm); | |||
| } | |||
| private async Task<LoginViewModel> BuildLoginViewModelAsync(string returnUrl, AuthorizationRequest context) | |||
| { | |||
| var allowLocal = true; | |||
| if (context?.ClientId != null) | |||
| { | |||
| var client = await _clientStore.FindEnabledClientByIdAsync(context.ClientId); | |||
| if (client != null) | |||
| { | |||
| allowLocal = client.EnableLocalLogin; | |||
| } | |||
| } | |||
| return new LoginViewModel | |||
| { | |||
| ReturnUrl = returnUrl, | |||
| Email = context?.LoginHint, | |||
| }; | |||
| } | |||
| private async Task<LoginViewModel> BuildLoginViewModelAsync(LoginViewModel model) | |||
| { | |||
| var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); | |||
| var vm = await BuildLoginViewModelAsync(model.ReturnUrl, context); | |||
| vm.Email = model.Email; | |||
| vm.RememberMe = model.RememberMe; | |||
| return vm; | |||
| } | |||
| /// <summary> | |||
| /// Show logout page | |||
| /// </summary> | |||
| [HttpGet] | |||
| public async Task<IActionResult> Logout(string logoutId) | |||
| { | |||
| if (User.Identity.IsAuthenticated == false) | |||
| { | |||
| // if the user is not authenticated, then just show logged out page | |||
| return await Logout(new LogoutViewModel { LogoutId = logoutId }); | |||
| } | |||
| //Test for Xamarin. | |||
| var context = await _interaction.GetLogoutContextAsync(logoutId); | |||
| if (context?.ShowSignoutPrompt == false) | |||
| { | |||
| //it's safe to automatically sign-out | |||
| return await Logout(new LogoutViewModel { LogoutId = logoutId }); | |||
| } | |||
| // show the logout prompt. this prevents attacks where the user | |||
| // is automatically signed out by another malicious web page. | |||
| var vm = new LogoutViewModel | |||
| { | |||
| LogoutId = logoutId | |||
| }; | |||
| return View(vm); | |||
| } | |||
| /// <summary> | |||
| /// Handle logout page postback | |||
| /// </summary> | |||
| [HttpPost] | |||
| [ValidateAntiForgeryToken] | |||
| public async Task<IActionResult> Logout(LogoutViewModel model) | |||
| { | |||
| var idp = User?.FindFirst(JwtClaimTypes.IdentityProvider)?.Value; | |||
| if (idp != null && idp != IdentityServerConstants.LocalIdentityProvider) | |||
| { | |||
| if (model.LogoutId == null) | |||
| { | |||
| // if there's no current logout context, we need to create one | |||
| // this captures necessary info from the current logged in user | |||
| // before we signout and redirect away to the external IdP for signout | |||
| model.LogoutId = await _interaction.CreateLogoutContextAsync(); | |||
| } | |||
| string url = "/Account/Logout?logoutId=" + model.LogoutId; | |||
| try | |||
| { | |||
| // hack: try/catch to handle social providers that throw | |||
| await HttpContext.SignOutAsync(idp, new AuthenticationProperties | |||
| { | |||
| RedirectUri = url | |||
| }); | |||
| } | |||
| catch (Exception ex) | |||
| { | |||
| _logger.LogError(ex, "LOGOUT ERROR: {ExceptionMessage}", ex.Message); | |||
| } | |||
| } | |||
| // delete authentication cookie | |||
| await HttpContext.SignOutAsync(); | |||
| await HttpContext.SignOutAsync(IdentityConstants.ApplicationScheme); | |||
| // set this so UI rendering sees an anonymous user | |||
| HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity()); | |||
| // get context information (client name, post logout redirect URI and iframe for federated signout) | |||
| var logout = await _interaction.GetLogoutContextAsync(model.LogoutId); | |||
| return Redirect(logout?.PostLogoutRedirectUri); | |||
| } | |||
| public async Task<IActionResult> DeviceLogOut(string redirectUrl) | |||
| { | |||
| // delete authentication cookie | |||
| await HttpContext.SignOutAsync(); | |||
| // set this so UI rendering sees an anonymous user | |||
| HttpContext.User = new ClaimsPrincipal(new ClaimsIdentity()); | |||
| return Redirect(redirectUrl); | |||
| } | |||
| // GET: /Account/Register | |||
| [HttpGet] | |||
| [AllowAnonymous] | |||
| public IActionResult Register(string returnUrl = null) | |||
| { | |||
| ViewData["ReturnUrl"] = returnUrl; | |||
| return View(); | |||
| } | |||
| // | |||
| // POST: /Account/Register | |||
| [HttpPost] | |||
| [AllowAnonymous] | |||
| [ValidateAntiForgeryToken] | |||
| public async Task<IActionResult> Register(RegisterViewModel model, string returnUrl = null) | |||
| { | |||
| ViewData["ReturnUrl"] = returnUrl; | |||
| if (ModelState.IsValid) | |||
| { | |||
| var user = new ApplicationUser | |||
| { | |||
| UserName = model.Email, | |||
| Email = model.Email, | |||
| CardHolderName = model.User.CardHolderName, | |||
| CardNumber = model.User.CardNumber, | |||
| CardType = model.User.CardType, | |||
| City = model.User.City, | |||
| Country = model.User.Country, | |||
| Expiration = model.User.Expiration, | |||
| LastName = model.User.LastName, | |||
| Name = model.User.Name, | |||
| Street = model.User.Street, | |||
| State = model.User.State, | |||
| ZipCode = model.User.ZipCode, | |||
| PhoneNumber = model.User.PhoneNumber, | |||
| SecurityNumber = model.User.SecurityNumber | |||
| }; | |||
| var result = await _userManager.CreateAsync(user, model.Password); | |||
| if (result.Errors.Count() > 0) | |||
| { | |||
| AddErrors(result); | |||
| // If we got this far, something failed, redisplay form | |||
| return View(model); | |||
| } | |||
| } | |||
| if (returnUrl != null) | |||
| { | |||
| if (HttpContext.User.Identity.IsAuthenticated) | |||
| return Redirect(returnUrl); | |||
| else | |||
| if (ModelState.IsValid) | |||
| return RedirectToAction("login", "account", new { returnUrl = returnUrl }); | |||
| else | |||
| return View(model); | |||
| } | |||
| return RedirectToAction("index", "home"); | |||
| } | |||
| [HttpGet] | |||
| public IActionResult Redirecting() | |||
| { | |||
| return View(); | |||
| } | |||
| private void AddErrors(IdentityResult result) | |||
| { | |||
| foreach (var error in result.Errors) | |||
| { | |||
| ModelState.AddModelError(string.Empty, error.Description); | |||
| } | |||
| } | |||
| } | |||
| } | |||
+ 0
- 131
src/Services/Identity/Identity.API/Controllers/ConsentController.cs
View File
| @ -1,131 +0,0 @@ | |||
| namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers | |||
| { | |||
| /// <summary> | |||
| /// This controller implements the consent logic | |||
| /// </summary> | |||
| public class ConsentController : Controller | |||
| { | |||
| private readonly ILogger<ConsentController> _logger; | |||
| private readonly IClientStore _clientStore; | |||
| private readonly IResourceStore _resourceStore; | |||
| private readonly IIdentityServerInteractionService _interaction; | |||
| public ConsentController( | |||
| ILogger<ConsentController> logger, | |||
| IIdentityServerInteractionService interaction, | |||
| IClientStore clientStore, | |||
| IResourceStore resourceStore) | |||
| { | |||
| _logger = logger; | |||
| _interaction = interaction; | |||
| _clientStore = clientStore; | |||
| _resourceStore = resourceStore; | |||
| } | |||
| /// <summary> | |||
| /// Shows the consent screen | |||
| /// </summary> | |||
| /// <param name="returnUrl"></param> | |||
| /// <returns></returns> | |||
| [HttpGet] | |||
| public async Task<IActionResult> Index(string returnUrl) | |||
| { | |||
| var vm = await BuildViewModelAsync(returnUrl); | |||
| ViewData["ReturnUrl"] = returnUrl; | |||
| if (vm != null) | |||
| { | |||
| return View("Index", vm); | |||
| } | |||
| return View("Error"); | |||
| } | |||
| /// <summary> | |||
| /// Handles the consent screen postback | |||
| /// </summary> | |||
| [HttpPost] | |||
| [ValidateAntiForgeryToken] | |||
| public async Task<IActionResult> Index(ConsentInputModel model) | |||
| { | |||
| // parse the return URL back to an AuthorizeRequest object | |||
| var request = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); | |||
| ConsentResponse response = null; | |||
| // user clicked 'no' - send back the standard 'access_denied' response | |||
| if (model.Button == "no") | |||
| { | |||
| response = ConsentResponse.Denied; | |||
| } | |||
| // user clicked 'yes' - validate the data | |||
| else if (model.Button == "yes") | |||
| { | |||
| // if the user consented to some scope, build the response model | |||
| if (model.ScopesConsented != null && model.ScopesConsented.Any()) | |||
| { | |||
| response = new ConsentResponse | |||
| { | |||
| RememberConsent = model.RememberConsent, | |||
| ScopesConsented = model.ScopesConsented | |||
| }; | |||
| } | |||
| else | |||
| { | |||
| ModelState.AddModelError("", "You must pick at least one permission."); | |||
| } | |||
| } | |||
| else | |||
| { | |||
| ModelState.AddModelError("", "Invalid Selection"); | |||
| } | |||
| if (response != null) | |||
| { | |||
| // communicate outcome of consent back to identityserver | |||
| await _interaction.GrantConsentAsync(request, response); | |||
| // redirect back to authorization endpoint | |||
| return Redirect(model.ReturnUrl); | |||
| } | |||
| var vm = await BuildViewModelAsync(model.ReturnUrl, model); | |||
| if (vm != null) | |||
| { | |||
| return View("Index", vm); | |||
| } | |||
| return View("Error"); | |||
| } | |||
| async Task<ConsentViewModel> BuildViewModelAsync(string returnUrl, ConsentInputModel model = null) | |||
| { | |||
| var request = await _interaction.GetAuthorizationContextAsync(returnUrl); | |||
| if (request != null) | |||
| { | |||
| var client = await _clientStore.FindEnabledClientByIdAsync(request.ClientId); | |||
| if (client != null) | |||
| { | |||
| var resources = await _resourceStore.FindEnabledResourcesByScopeAsync(request.ScopesRequested); | |||
| if (resources != null && (resources.IdentityResources.Any() || resources.ApiResources.Any())) | |||
| { | |||
| return new ConsentViewModel(model, returnUrl, request, client, resources); | |||
| } | |||
| else | |||
| { | |||
| _logger.LogError("No scopes matching: {0}", request.ScopesRequested.Aggregate((x, y) => x + ", " + y)); | |||
| } | |||
| } | |||
| else | |||
| { | |||
| _logger.LogError("Invalid client id: {0}", request.ClientId); | |||
| } | |||
| } | |||
| else | |||
| { | |||
| _logger.LogError("No consent request matching request: {0}", returnUrl); | |||
| } | |||
| return null; | |||
| } | |||
| } | |||
| } | |||
+ 0
- 46
src/Services/Identity/Identity.API/Controllers/HomeController.cs
View File
| @ -1,46 +0,0 @@ | |||
| namespace Microsoft.eShopOnContainers.Services.Identity.API.Controllers | |||
| { | |||
| public class HomeController : Controller | |||
| { | |||
| private readonly IIdentityServerInteractionService _interaction; | |||
| private readonly IOptionsSnapshot<AppSettings> _settings; | |||
| private readonly IRedirectService _redirectSvc; | |||
| public HomeController(IIdentityServerInteractionService interaction, IOptionsSnapshot<AppSettings> settings, IRedirectService redirectSvc) | |||
| { | |||
| _interaction = interaction; | |||
| _settings = settings; | |||
| _redirectSvc = redirectSvc; | |||
| } | |||
| public IActionResult Index(string returnUrl) | |||
| { | |||
| return View(); | |||
| } | |||
| public IActionResult ReturnToOriginalApplication(string returnUrl) | |||
| { | |||
| if (returnUrl != null) | |||
| return Redirect(_redirectSvc.ExtractRedirectUriFromReturnUrl(returnUrl)); | |||
| else | |||
| return RedirectToAction("Index", "Home"); | |||
| } | |||
| /// <summary> | |||
| /// Shows the error page | |||
| /// </summary> | |||
| public async Task<IActionResult> Error(string errorId) | |||
| { | |||
| var vm = new ErrorViewModel(); | |||
| // retrieve error details from identityserver | |||
| var message = await _interaction.GetErrorContextAsync(errorId); | |||
| if (message != null) | |||
| { | |||
| vm.Error = message; | |||
| } | |||
| return View("Error", vm); | |||
| } | |||
| } | |||
| } | |||
+ 12
- 13
src/Services/Identity/Identity.API/Data/ApplicationDbContext.cs
View File
| @ -1,18 +1,17 @@ | |||
| namespace Microsoft.eShopOnContainers.Services.Identity.API.Data | |||
| namespace Microsoft.eShopOnContainers.Services.Identity.API.Data; | |||
| public class ApplicationDbContext : IdentityDbContext<ApplicationUser> | |||
| { | |||
| public class ApplicationDbContext : IdentityDbContext<ApplicationUser> | |||
| public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options) | |||
| : base(options) | |||
| { | |||
| public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options) | |||
| : base(options) | |||
| { | |||
| } | |||
| } | |||
| protected override void OnModelCreating(ModelBuilder builder) | |||
| { | |||
| base.OnModelCreating(builder); | |||
| // Customize the ASP.NET Identity model and override the defaults if needed. | |||
| // For example, you can rename the ASP.NET Identity table names and more. | |||
| // Add your customizations after calling base.OnModelCreating(builder); | |||
| } | |||
| protected override void OnModelCreating(ModelBuilder builder) | |||
| { | |||
| base.OnModelCreating(builder); | |||
| // Customize the ASP.NET Identity model and override the defaults if needed. | |||
| // For example, you can rename the ASP.NET Identity table names and more. | |||
| // Add your customizations after calling base.OnModelCreating(builder); | |||
| } | |||
| } | |||
+ 0
- 218
src/Services/Identity/Identity.API/Data/ApplicationDbContextSeed.cs
View File
| @ -1,218 +0,0 @@ | |||
| namespace Microsoft.eShopOnContainers.Services.Identity.API.Data | |||
| { | |||
| using Microsoft.Extensions.Logging; | |||
| public class ApplicationDbContextSeed | |||
| { | |||
| private readonly IPasswordHasher<ApplicationUser> _passwordHasher = new PasswordHasher<ApplicationUser>(); | |||
| public async Task SeedAsync(ApplicationDbContext context, IWebHostEnvironment env, | |||
| ILogger<ApplicationDbContextSeed> logger, IOptions<AppSettings> settings, int? retry = 0) | |||
| { | |||
| int retryForAvaiability = retry.Value; | |||
| try | |||
| { | |||
| var useCustomizationData = settings.Value.UseCustomizationData; | |||
| var contentRootPath = env.ContentRootPath; | |||
| var webroot = env.WebRootPath; | |||
| if (!context.Users.Any()) | |||
| { | |||
| context.Users.AddRange(useCustomizationData | |||
| ? GetUsersFromFile(contentRootPath, logger) | |||
| : GetDefaultUser()); | |||
| await context.SaveChangesAsync(); | |||
| } | |||
| if (useCustomizationData) | |||
| { | |||
| GetPreconfiguredImages(contentRootPath, webroot, logger); | |||
| } | |||
| } | |||
| catch (Exception ex) | |||
| { | |||
| if (retryForAvaiability < 10) | |||
| { | |||
| retryForAvaiability++; | |||
| logger.LogError(ex, "EXCEPTION ERROR while migrating {DbContextName}", nameof(ApplicationDbContext)); | |||
| await SeedAsync(context, env, logger, settings, retryForAvaiability); | |||
| } | |||
| } | |||
| } | |||
| private IEnumerable<ApplicationUser> GetUsersFromFile(string contentRootPath, ILogger logger) | |||
| { | |||
| string csvFileUsers = Path.Combine(contentRootPath, "Setup", "Users.csv"); | |||
| if (!File.Exists(csvFileUsers)) | |||
| { | |||
| return GetDefaultUser(); | |||
| } | |||
| string[] csvheaders; | |||
| try | |||
| { | |||
| string[] requiredHeaders = { | |||
| "cardholdername", "cardnumber", "cardtype", "city", "country", | |||
| "email", "expiration", "lastname", "name", "phonenumber", | |||
| "username", "zipcode", "state", "street", "securitynumber", | |||
| "normalizedemail", "normalizedusername", "password" | |||
| }; | |||
| csvheaders = GetHeaders(requiredHeaders, csvFileUsers); | |||
| } | |||
| catch (Exception ex) | |||
| { | |||
| logger.LogError(ex, "EXCEPTION ERROR: {Message}", ex.Message); | |||
| return GetDefaultUser(); | |||
| } | |||
| List<ApplicationUser> users = File.ReadAllLines(csvFileUsers) | |||
| .Skip(1) // skip header column | |||
| .Select(row => Regex.Split(row, ",(?=(?:[^\"]*\"[^\"]*\")*[^\"]*$)")) | |||
| .SelectTry(column => CreateApplicationUser(column, csvheaders)) | |||
| .OnCaughtException(ex => { logger.LogError(ex, "EXCEPTION ERROR: {Message}", ex.Message); return null; }) | |||
| .Where(x => x != null) | |||
| .ToList(); | |||
| return users; | |||
| } | |||
| private ApplicationUser CreateApplicationUser(string[] column, string[] headers) | |||
| { | |||
| if (column.Count() != headers.Count()) | |||
| { | |||
| throw new Exception($"column count '{column.Count()}' not the same as headers count'{headers.Count()}'"); | |||
| } | |||
| string cardtypeString = column[Array.IndexOf(headers, "cardtype")].Trim('"').Trim(); | |||
| if (!int.TryParse(cardtypeString, out int cardtype)) | |||
| { | |||
| throw new Exception($"cardtype='{cardtypeString}' is not a number"); | |||
| } | |||
| var user = new ApplicationUser | |||
| { | |||
| CardHolderName = column[Array.IndexOf(headers, "cardholdername")].Trim('"').Trim(), | |||
| CardNumber = column[Array.IndexOf(headers, "cardnumber")].Trim('"').Trim(), | |||
| CardType = cardtype, | |||
| City = column[Array.IndexOf(headers, "city")].Trim('"').Trim(), | |||
| Country = column[Array.IndexOf(headers, "country")].Trim('"').Trim(), | |||
| Email = column[Array.IndexOf(headers, "email")].Trim('"').Trim(), | |||
| Expiration = column[Array.IndexOf(headers, "expiration")].Trim('"').Trim(), | |||
| Id = Guid.NewGuid().ToString(), | |||
| LastName = column[Array.IndexOf(headers, "lastname")].Trim('"').Trim(), | |||
| Name = column[Array.IndexOf(headers, "name")].Trim('"').Trim(), | |||
| PhoneNumber = column[Array.IndexOf(headers, "phonenumber")].Trim('"').Trim(), | |||
| UserName = column[Array.IndexOf(headers, "username")].Trim('"').Trim(), | |||
| ZipCode = column[Array.IndexOf(headers, "zipcode")].Trim('"').Trim(), | |||
| State = column[Array.IndexOf(headers, "state")].Trim('"').Trim(), | |||
| Street = column[Array.IndexOf(headers, "street")].Trim('"').Trim(), | |||
| SecurityNumber = column[Array.IndexOf(headers, "securitynumber")].Trim('"').Trim(), | |||
| NormalizedEmail = column[Array.IndexOf(headers, "normalizedemail")].Trim('"').Trim(), | |||
| NormalizedUserName = column[Array.IndexOf(headers, "normalizedusername")].Trim('"').Trim(), | |||
| SecurityStamp = Guid.NewGuid().ToString("D"), | |||
| PasswordHash = column[Array.IndexOf(headers, "password")].Trim('"').Trim(), // Note: This is the password | |||
| }; | |||
| user.PasswordHash = _passwordHasher.HashPassword(user, user.PasswordHash); | |||
| return user; | |||
| } | |||
| private IEnumerable<ApplicationUser> GetDefaultUser() | |||
| { | |||
| var user = | |||
| new ApplicationUser() | |||
| { | |||
| CardHolderName = "DemoUser", | |||
| CardNumber = "4012888888881881", | |||
| CardType = 1, | |||
| City = "Redmond", | |||
| Country = "U.S.", | |||
| Email = "demouser@microsoft.com", | |||
| Expiration = "12/25", | |||
| Id = Guid.NewGuid().ToString(), | |||
| LastName = "DemoLastName", | |||
| Name = "DemoUser", | |||
| PhoneNumber = "1234567890", | |||
| UserName = "demouser@microsoft.com", | |||
| ZipCode = "98052", | |||
| State = "WA", | |||
| Street = "15703 NE 61st Ct", | |||
| SecurityNumber = "535", | |||
| NormalizedEmail = "DEMOUSER@MICROSOFT.COM", | |||
| NormalizedUserName = "DEMOUSER@MICROSOFT.COM", | |||
| SecurityStamp = Guid.NewGuid().ToString("D"), | |||
| }; | |||
| user.PasswordHash = _passwordHasher.HashPassword(user, "Pass@word1"); | |||
| return new List<ApplicationUser>() | |||
| { | |||
| user | |||
| }; | |||
| } | |||
| static string[] GetHeaders(string[] requiredHeaders, string csvfile) | |||
| { | |||
| string[] csvheaders = File.ReadLines(csvfile).First().ToLowerInvariant().Split(','); | |||
| if (csvheaders.Count() != requiredHeaders.Count()) | |||
| { | |||
| throw new Exception($"requiredHeader count '{ requiredHeaders.Count()}' is different then read header '{csvheaders.Count()}'"); | |||
| } | |||
| foreach (var requiredHeader in requiredHeaders) | |||
| { | |||
| if (!csvheaders.Contains(requiredHeader)) | |||
| { | |||
| throw new Exception($"does not contain required header '{requiredHeader}'"); | |||
| } | |||
| } | |||
| return csvheaders; | |||
| } | |||
| static void GetPreconfiguredImages(string contentRootPath, string webroot, ILogger logger) | |||
| { | |||
| try | |||
| { | |||
| string imagesZipFile = Path.Combine(contentRootPath, "Setup", "images.zip"); | |||
| if (!File.Exists(imagesZipFile)) | |||
| { | |||
| logger.LogError("Zip file '{ZipFileName}' does not exists.", imagesZipFile); | |||
| return; | |||
| } | |||
| string imagePath = Path.Combine(webroot, "images"); | |||
| string[] imageFiles = Directory.GetFiles(imagePath).Select(file => Path.GetFileName(file)).ToArray(); | |||
| using ZipArchive zip = ZipFile.Open(imagesZipFile, ZipArchiveMode.Read); | |||
| foreach (ZipArchiveEntry entry in zip.Entries) | |||
| { | |||
| if (imageFiles.Contains(entry.Name)) | |||
| { | |||
| string destinationFilename = Path.Combine(imagePath, entry.Name); | |||
| if (File.Exists(destinationFilename)) | |||
| { | |||
| File.Delete(destinationFilename); | |||
| } | |||
| entry.ExtractToFile(destinationFilename); | |||
| } | |||
| else | |||
| { | |||
| logger.LogWarning("Skipped file '{FileName}' in zipfile '{ZipFileName}'", entry.Name, imagesZipFile); | |||
| } | |||
| } | |||
| } | |||
| catch (Exception ex) | |||
| { | |||
| logger.LogError(ex, "EXCEPTION ERROR: {Message}", ex.Message); ; | |||
| } | |||
| } | |||
| } | |||
| } | |||
+ 0
- 73
src/Services/Identity/Identity.API/Data/ConfigurationDbContextSeed.cs
View File
| @ -1,73 +0,0 @@ | |||
| using IdentityServer4.EntityFramework.Entities; | |||
| namespace Microsoft.eShopOnContainers.Services.Identity.API.Data | |||
| { | |||
| public class ConfigurationDbContextSeed | |||
| { | |||
| public async Task SeedAsync(ConfigurationDbContext context, IConfiguration configuration) | |||
| { | |||
| //callbacks urls from config: | |||
| var clientUrls = new Dictionary<string, string>(); | |||
| clientUrls.Add("Mvc", configuration.GetValue<string>("MvcClient")); | |||
| clientUrls.Add("Spa", configuration.GetValue<string>("SpaClient")); | |||
| clientUrls.Add("Xamarin", configuration.GetValue<string>("XamarinCallback")); | |||
| clientUrls.Add("BasketApi", configuration.GetValue<string>("BasketApiClient")); | |||
| clientUrls.Add("OrderingApi", configuration.GetValue<string>("OrderingApiClient")); | |||
| clientUrls.Add("MobileShoppingAgg", configuration.GetValue<string>("MobileShoppingAggClient")); | |||
| clientUrls.Add("WebShoppingAgg", configuration.GetValue<string>("WebShoppingAggClient")); | |||
| clientUrls.Add("WebhooksApi", configuration.GetValue<string>("WebhooksApiClient")); | |||
| clientUrls.Add("WebhooksWeb", configuration.GetValue<string>("WebhooksWebClient")); | |||
| if (!context.Clients.Any()) | |||
| { | |||
| foreach (var client in Config.GetClients(clientUrls)) | |||
| { | |||
| context.Clients.Add(client.ToEntity()); | |||
| } | |||
| await context.SaveChangesAsync(); | |||
| } | |||
| // Checking always for old redirects to fix existing deployments | |||
| // to use new swagger-ui redirect uri as of v3.0.0 | |||
| // There should be no problem for new ones | |||
| // ref: https://github.com/dotnet-architecture/eShopOnContainers/issues/586 | |||
| else | |||
| { | |||
| List<ClientRedirectUri> oldRedirects = (await context.Clients.Include(c => c.RedirectUris).ToListAsync()) | |||
| .SelectMany(c => c.RedirectUris) | |||
| .Where(ru => ru.RedirectUri.EndsWith("/o2c.html")) | |||
| .ToList(); | |||
| if (oldRedirects.Any()) | |||
| { | |||
| foreach (var ru in oldRedirects) | |||
| { | |||
| ru.RedirectUri = ru.RedirectUri.Replace("/o2c.html", "/oauth2-redirect.html"); | |||
| context.Update(ru.Client); | |||
| } | |||
| await context.SaveChangesAsync(); | |||
| } | |||
| } | |||
| if (!context.IdentityResources.Any()) | |||
| { | |||
| foreach (var resource in Config.GetResources()) | |||
| { | |||
| context.IdentityResources.Add(resource.ToEntity()); | |||
| } | |||
| await context.SaveChangesAsync(); | |||
| } | |||
| if (!context.ApiResources.Any()) | |||
| { | |||
| foreach (var api in Config.GetApis()) | |||
| { | |||
| context.ApiResources.Add(api.ToEntity()); | |||
| } | |||
| await context.SaveChangesAsync(); | |||
| } | |||
| } | |||
| } | |||
| } | |||
src/Services/Identity/Identity.API/Migrations/20210813072445_InitialMigration.Designer.cs → src/Services/Identity/Identity.API/Data/Migrations/20210914100206_InitialMigration.Designer.cs
View File
src/Services/Identity/Identity.API/Migrations/20210813072445_InitialMigration.cs → src/Services/Identity/Identity.API/Data/Migrations/20210914100206_InitialMigration.cs
View File
| @ -1,7 +1,7 @@ | |||
| using System; | |||
| using Microsoft.EntityFrameworkCore.Migrations; | |||
| namespace Identity.API.Migrations | |||
| namespace Microsoft.eShopOnContainers.Services.Identity.API.Data.Migrations | |||
| { | |||
| public partial class InitialMigration : Migration | |||
| { | |||
src/Services/Identity/Identity.API/Migrations/ApplicationDbContextModelSnapshot.cs → src/Services/Identity/Identity.API/Data/Migrations/ApplicationDbContextModelSnapshot.cs
View File
+ 2
- 2
src/Services/Identity/Identity.API/Devspaces/DevspacesRedirectUriValidator.cs
View File
+ 2
- 2
src/Services/Identity/Identity.API/Dockerfile
View File
+ 1
- 1
src/Services/Identity/Identity.API/Dockerfile.develop
View File
+ 0
- 46
src/Services/Identity/Identity.API/Extensions/LinqSelectExtensions.cs
View File
| @ -1,46 +0,0 @@ | |||
| namespace Microsoft.eShopOnContainers.Services.Identity.API.Extensions | |||
| { | |||
| public static class LinqSelectExtensions | |||
| { | |||
| public static IEnumerable<SelectTryResult<TSource, TResult>> SelectTry<TSource, TResult>(this IEnumerable<TSource> enumerable, Func<TSource, TResult> selector) | |||
| { | |||
| foreach (TSource element in enumerable) | |||
| { | |||
| SelectTryResult<TSource, TResult> returnedValue; | |||
| try | |||
| { | |||
| returnedValue = new SelectTryResult<TSource, TResult>(element, selector(element), null); | |||
| } | |||
| catch (Exception ex) | |||
| { | |||
| returnedValue = new SelectTryResult<TSource, TResult>(element, default(TResult), ex); | |||
| } | |||
| yield return returnedValue; | |||
| } | |||
| } | |||
| public static IEnumerable<TResult> OnCaughtException<TSource, TResult>(this IEnumerable<SelectTryResult<TSource, TResult>> enumerable, Func<Exception, TResult> exceptionHandler) | |||
| { | |||
| return enumerable.Select(x => x.CaughtException == null ? x.Result : exceptionHandler(x.CaughtException)); | |||
| } | |||
| public static IEnumerable<TResult> OnCaughtException<TSource, TResult>(this IEnumerable<SelectTryResult<TSource, TResult>> enumerable, Func<TSource, Exception, TResult> exceptionHandler) | |||
| { | |||
| return enumerable.Select(x => x.CaughtException == null ? x.Result : exceptionHandler(x.Source, x.CaughtException)); | |||
| } | |||
| public class SelectTryResult<TSource, TResult> | |||
| { | |||
| internal SelectTryResult(TSource source, TResult result, Exception exception) | |||
| { | |||
| Source = source; | |||
| Result = result; | |||
| CaughtException = exception; | |||
| } | |||
| public TSource Source { get; private set; } | |||
| public TResult Result { get; private set; } | |||
| public Exception CaughtException { get; private set; } | |||
| } | |||
| } | |||
| } | |||
+ 0
- 20
src/Services/Identity/Identity.API/Factories/ApplicationDbContextFactory.cs
View File
| @ -1,20 +0,0 @@ | |||
| namespace Identity.API.Factories | |||
| { | |||
| public class ApplicationDbContextFactory : IDesignTimeDbContextFactory<ApplicationDbContext> | |||
| { | |||
| public ApplicationDbContext CreateDbContext(string[] args) | |||
| { | |||
| var config = new ConfigurationBuilder() | |||
| .SetBasePath(Path.Combine(Directory.GetCurrentDirectory())) | |||
| .AddJsonFile("appsettings.json") | |||
| .AddEnvironmentVariables() | |||
| .Build(); | |||
| var optionsBuilder = new DbContextOptionsBuilder<ApplicationDbContext>(); | |||
| optionsBuilder.UseSqlServer(config["ConnectionString"], sqlServerOptionsAction: o => o.MigrationsAssembly("Identity.API")); | |||
| return new ApplicationDbContext(optionsBuilder.Options); | |||
| } | |||
| } | |||
| } | |||
+ 0
- 21
src/Services/Identity/Identity.API/Factories/ConfigurationDbContextFactory.cs
View File
| @ -1,21 +0,0 @@ | |||
| namespace Identity.API.Factories | |||
| { | |||
| public class ConfigurationDbContextFactory : IDesignTimeDbContextFactory<ConfigurationDbContext> | |||
| { | |||
| public ConfigurationDbContext CreateDbContext(string[] args) | |||
| { | |||
| var config = new ConfigurationBuilder() | |||
| .SetBasePath(Path.Combine(Directory.GetCurrentDirectory())) | |||
| .AddJsonFile("appsettings.json") | |||
| .AddEnvironmentVariables() | |||
| .Build(); | |||
| var optionsBuilder = new DbContextOptionsBuilder<ConfigurationDbContext>(); | |||
| var storeOptions = new ConfigurationStoreOptions(); | |||
| optionsBuilder.UseSqlServer(config["ConnectionString"], sqlServerOptionsAction: o => o.MigrationsAssembly("Identity.API")); | |||
| return new ConfigurationDbContext(optionsBuilder.Options, storeOptions); | |||
| } | |||
| } | |||
| } | |||
+ 0
- 21
src/Services/Identity/Identity.API/Factories/PersistedGrantDbContextFactory.cs
View File
| @ -1,21 +0,0 @@ | |||
| namespace Identity.API.Factories | |||
| { | |||
| public class PersistedGrantDbContextFactory : IDesignTimeDbContextFactory<PersistedGrantDbContext> | |||
| { | |||
| public PersistedGrantDbContext CreateDbContext(string[] args) | |||
| { | |||
| var config = new ConfigurationBuilder() | |||
| .SetBasePath(Path.Combine(Directory.GetCurrentDirectory())) | |||
| .AddJsonFile("appsettings.json") | |||
| .AddEnvironmentVariables() | |||
| .Build(); | |||
| var optionsBuilder = new DbContextOptionsBuilder<PersistedGrantDbContext>(); | |||
| var operationOptions = new OperationalStoreOptions(); | |||
| optionsBuilder.UseSqlServer(config["ConnectionString"], sqlServerOptionsAction: o => o.MigrationsAssembly("Identity.API")); | |||
| return new PersistedGrantDbContext(optionsBuilder.Options, operationOptions); | |||
| } | |||
| } | |||
| } | |||
+ 14
- 14
src/Services/Identity/Identity.API/GlobalUsings.cs
View File
+ 60
- 52
src/Services/Identity/Identity.API/Identity.API.csproj
View File
+ 0
- 911
src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20210813072543_InitialMigration.Designer.cs
View File
| @ -1,911 +0,0 @@ | |||
| // <auto-generated /> | |||
| using System; | |||
| using IdentityServer4.EntityFramework.DbContexts; | |||
| using Microsoft.EntityFrameworkCore; | |||
| using Microsoft.EntityFrameworkCore.Infrastructure; | |||
| using Microsoft.EntityFrameworkCore.Metadata; | |||
| using Microsoft.EntityFrameworkCore.Migrations; | |||
| using Microsoft.EntityFrameworkCore.Storage.ValueConversion; | |||
| namespace Identity.API.Migrations.ConfigurationDb | |||
| { | |||
| [DbContext(typeof(ConfigurationDbContext))] | |||
| [Migration("20210813072543_InitialMigration")] | |||
| partial class InitialMigration | |||
| { | |||
| protected override void BuildTargetModel(ModelBuilder modelBuilder) | |||
| { | |||
| #pragma warning disable 612, 618 | |||
| modelBuilder | |||
| .HasAnnotation("Relational:MaxIdentifierLength", 128) | |||
| .HasAnnotation("ProductVersion", "6.0.0") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiResource", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<DateTime>("Created") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("Description") | |||
| .HasMaxLength(1000) | |||
| .HasColumnType("nvarchar(1000)"); | |||
| b.Property<string>("DisplayName") | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<bool>("Enabled") | |||
| .HasColumnType("bit"); | |||
| b.Property<DateTime?>("LastAccessed") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("Name") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<bool>("NonEditable") | |||
| .HasColumnType("bit"); | |||
| b.Property<DateTime?>("Updated") | |||
| .HasColumnType("datetime2"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("Name") | |||
| .IsUnique(); | |||
| b.ToTable("ApiResources", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiResourceClaim", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ApiResourceId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("Type") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ApiResourceId"); | |||
| b.ToTable("ApiClaims", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiResourceProperty", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ApiResourceId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("Key") | |||
| .IsRequired() | |||
| .HasMaxLength(250) | |||
| .HasColumnType("nvarchar(250)"); | |||
| b.Property<string>("Value") | |||
| .IsRequired() | |||
| .HasMaxLength(2000) | |||
| .HasColumnType("nvarchar(2000)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ApiResourceId"); | |||
| b.ToTable("ApiProperties", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiScope", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ApiResourceId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("Description") | |||
| .HasMaxLength(1000) | |||
| .HasColumnType("nvarchar(1000)"); | |||
| b.Property<string>("DisplayName") | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<bool>("Emphasize") | |||
| .HasColumnType("bit"); | |||
| b.Property<string>("Name") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<bool>("Required") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("ShowInDiscoveryDocument") | |||
| .HasColumnType("bit"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ApiResourceId"); | |||
| b.HasIndex("Name") | |||
| .IsUnique(); | |||
| b.ToTable("ApiScopes", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiScopeClaim", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ApiScopeId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("Type") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ApiScopeId"); | |||
| b.ToTable("ApiScopeClaims", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiSecret", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ApiResourceId") | |||
| .HasColumnType("int"); | |||
| b.Property<DateTime>("Created") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("Description") | |||
| .HasMaxLength(1000) | |||
| .HasColumnType("nvarchar(1000)"); | |||
| b.Property<DateTime?>("Expiration") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("Type") | |||
| .IsRequired() | |||
| .HasMaxLength(250) | |||
| .HasColumnType("nvarchar(250)"); | |||
| b.Property<string>("Value") | |||
| .IsRequired() | |||
| .HasMaxLength(4000) | |||
| .HasColumnType("nvarchar(4000)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ApiResourceId"); | |||
| b.ToTable("ApiSecrets", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.Client", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("AbsoluteRefreshTokenLifetime") | |||
| .HasColumnType("int"); | |||
| b.Property<int>("AccessTokenLifetime") | |||
| .HasColumnType("int"); | |||
| b.Property<int>("AccessTokenType") | |||
| .HasColumnType("int"); | |||
| b.Property<bool>("AllowAccessTokensViaBrowser") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("AllowOfflineAccess") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("AllowPlainTextPkce") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("AllowRememberConsent") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("AlwaysIncludeUserClaimsInIdToken") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("AlwaysSendClientClaims") | |||
| .HasColumnType("bit"); | |||
| b.Property<int>("AuthorizationCodeLifetime") | |||
| .HasColumnType("int"); | |||
| b.Property<bool>("BackChannelLogoutSessionRequired") | |||
| .HasColumnType("bit"); | |||
| b.Property<string>("BackChannelLogoutUri") | |||
| .HasMaxLength(2000) | |||
| .HasColumnType("nvarchar(2000)"); | |||
| b.Property<string>("ClientClaimsPrefix") | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<string>("ClientId") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<string>("ClientName") | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<string>("ClientUri") | |||
| .HasMaxLength(2000) | |||
| .HasColumnType("nvarchar(2000)"); | |||
| b.Property<int?>("ConsentLifetime") | |||
| .HasColumnType("int"); | |||
| b.Property<DateTime>("Created") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("Description") | |||
| .HasMaxLength(1000) | |||
| .HasColumnType("nvarchar(1000)"); | |||
| b.Property<int>("DeviceCodeLifetime") | |||
| .HasColumnType("int"); | |||
| b.Property<bool>("EnableLocalLogin") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("Enabled") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("FrontChannelLogoutSessionRequired") | |||
| .HasColumnType("bit"); | |||
| b.Property<string>("FrontChannelLogoutUri") | |||
| .HasMaxLength(2000) | |||
| .HasColumnType("nvarchar(2000)"); | |||
| b.Property<int>("IdentityTokenLifetime") | |||
| .HasColumnType("int"); | |||
| b.Property<bool>("IncludeJwtId") | |||
| .HasColumnType("bit"); | |||
| b.Property<DateTime?>("LastAccessed") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("LogoUri") | |||
| .HasMaxLength(2000) | |||
| .HasColumnType("nvarchar(2000)"); | |||
| b.Property<bool>("NonEditable") | |||
| .HasColumnType("bit"); | |||
| b.Property<string>("PairWiseSubjectSalt") | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<string>("ProtocolType") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<int>("RefreshTokenExpiration") | |||
| .HasColumnType("int"); | |||
| b.Property<int>("RefreshTokenUsage") | |||
| .HasColumnType("int"); | |||
| b.Property<bool>("RequireClientSecret") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("RequireConsent") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("RequirePkce") | |||
| .HasColumnType("bit"); | |||
| b.Property<int>("SlidingRefreshTokenLifetime") | |||
| .HasColumnType("int"); | |||
| b.Property<bool>("UpdateAccessTokenClaimsOnRefresh") | |||
| .HasColumnType("bit"); | |||
| b.Property<DateTime?>("Updated") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("UserCodeType") | |||
| .HasMaxLength(100) | |||
| .HasColumnType("nvarchar(100)"); | |||
| b.Property<int?>("UserSsoLifetime") | |||
| .HasColumnType("int"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ClientId") | |||
| .IsUnique(); | |||
| b.ToTable("Clients", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientClaim", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ClientId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("Type") | |||
| .IsRequired() | |||
| .HasMaxLength(250) | |||
| .HasColumnType("nvarchar(250)"); | |||
| b.Property<string>("Value") | |||
| .IsRequired() | |||
| .HasMaxLength(250) | |||
| .HasColumnType("nvarchar(250)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ClientId"); | |||
| b.ToTable("ClientClaims", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientCorsOrigin", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ClientId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("Origin") | |||
| .IsRequired() | |||
| .HasMaxLength(150) | |||
| .HasColumnType("nvarchar(150)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ClientId"); | |||
| b.ToTable("ClientCorsOrigins", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientGrantType", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ClientId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("GrantType") | |||
| .IsRequired() | |||
| .HasMaxLength(250) | |||
| .HasColumnType("nvarchar(250)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ClientId"); | |||
| b.ToTable("ClientGrantTypes", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientIdPRestriction", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ClientId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("Provider") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ClientId"); | |||
| b.ToTable("ClientIdPRestrictions", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientPostLogoutRedirectUri", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ClientId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("PostLogoutRedirectUri") | |||
| .IsRequired() | |||
| .HasMaxLength(2000) | |||
| .HasColumnType("nvarchar(2000)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ClientId"); | |||
| b.ToTable("ClientPostLogoutRedirectUris", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientProperty", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ClientId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("Key") | |||
| .IsRequired() | |||
| .HasMaxLength(250) | |||
| .HasColumnType("nvarchar(250)"); | |||
| b.Property<string>("Value") | |||
| .IsRequired() | |||
| .HasMaxLength(2000) | |||
| .HasColumnType("nvarchar(2000)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ClientId"); | |||
| b.ToTable("ClientProperties", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientRedirectUri", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ClientId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("RedirectUri") | |||
| .IsRequired() | |||
| .HasMaxLength(2000) | |||
| .HasColumnType("nvarchar(2000)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ClientId"); | |||
| b.ToTable("ClientRedirectUris", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientScope", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ClientId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("Scope") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ClientId"); | |||
| b.ToTable("ClientScopes", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientSecret", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ClientId") | |||
| .HasColumnType("int"); | |||
| b.Property<DateTime>("Created") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("Description") | |||
| .HasMaxLength(2000) | |||
| .HasColumnType("nvarchar(2000)"); | |||
| b.Property<DateTime?>("Expiration") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("Type") | |||
| .IsRequired() | |||
| .HasMaxLength(250) | |||
| .HasColumnType("nvarchar(250)"); | |||
| b.Property<string>("Value") | |||
| .IsRequired() | |||
| .HasMaxLength(4000) | |||
| .HasColumnType("nvarchar(4000)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ClientId"); | |||
| b.ToTable("ClientSecrets", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.IdentityClaim", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("IdentityResourceId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("Type") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("IdentityResourceId"); | |||
| b.ToTable("IdentityClaims", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.IdentityResource", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<DateTime>("Created") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("Description") | |||
| .HasMaxLength(1000) | |||
| .HasColumnType("nvarchar(1000)"); | |||
| b.Property<string>("DisplayName") | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<bool>("Emphasize") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("Enabled") | |||
| .HasColumnType("bit"); | |||
| b.Property<string>("Name") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<bool>("NonEditable") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("Required") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("ShowInDiscoveryDocument") | |||
| .HasColumnType("bit"); | |||
| b.Property<DateTime?>("Updated") | |||
| .HasColumnType("datetime2"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("Name") | |||
| .IsUnique(); | |||
| b.ToTable("IdentityResources", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.IdentityResourceProperty", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("IdentityResourceId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("Key") | |||
| .IsRequired() | |||
| .HasMaxLength(250) | |||
| .HasColumnType("nvarchar(250)"); | |||
| b.Property<string>("Value") | |||
| .IsRequired() | |||
| .HasMaxLength(2000) | |||
| .HasColumnType("nvarchar(2000)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("IdentityResourceId"); | |||
| b.ToTable("IdentityProperties", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiResourceClaim", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.ApiResource", "ApiResource") | |||
| .WithMany("UserClaims") | |||
| .HasForeignKey("ApiResourceId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("ApiResource"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiResourceProperty", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.ApiResource", "ApiResource") | |||
| .WithMany("Properties") | |||
| .HasForeignKey("ApiResourceId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("ApiResource"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiScope", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.ApiResource", "ApiResource") | |||
| .WithMany("Scopes") | |||
| .HasForeignKey("ApiResourceId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("ApiResource"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiScopeClaim", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.ApiScope", "ApiScope") | |||
| .WithMany("UserClaims") | |||
| .HasForeignKey("ApiScopeId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("ApiScope"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiSecret", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.ApiResource", "ApiResource") | |||
| .WithMany("Secrets") | |||
| .HasForeignKey("ApiResourceId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("ApiResource"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientClaim", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") | |||
| .WithMany("Claims") | |||
| .HasForeignKey("ClientId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("Client"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientCorsOrigin", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") | |||
| .WithMany("AllowedCorsOrigins") | |||
| .HasForeignKey("ClientId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("Client"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientGrantType", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") | |||
| .WithMany("AllowedGrantTypes") | |||
| .HasForeignKey("ClientId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("Client"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientIdPRestriction", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") | |||
| .WithMany("IdentityProviderRestrictions") | |||
| .HasForeignKey("ClientId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("Client"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientPostLogoutRedirectUri", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") | |||
| .WithMany("PostLogoutRedirectUris") | |||
| .HasForeignKey("ClientId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("Client"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientProperty", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") | |||
| .WithMany("Properties") | |||
| .HasForeignKey("ClientId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("Client"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientRedirectUri", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") | |||
| .WithMany("RedirectUris") | |||
| .HasForeignKey("ClientId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("Client"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientScope", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") | |||
| .WithMany("AllowedScopes") | |||
| .HasForeignKey("ClientId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("Client"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientSecret", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") | |||
| .WithMany("ClientSecrets") | |||
| .HasForeignKey("ClientId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("Client"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.IdentityClaim", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.IdentityResource", "IdentityResource") | |||
| .WithMany("UserClaims") | |||
| .HasForeignKey("IdentityResourceId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("IdentityResource"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.IdentityResourceProperty", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.IdentityResource", "IdentityResource") | |||
| .WithMany("Properties") | |||
| .HasForeignKey("IdentityResourceId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("IdentityResource"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiResource", b => | |||
| { | |||
| b.Navigation("Properties"); | |||
| b.Navigation("Scopes"); | |||
| b.Navigation("Secrets"); | |||
| b.Navigation("UserClaims"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiScope", b => | |||
| { | |||
| b.Navigation("UserClaims"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.Client", b => | |||
| { | |||
| b.Navigation("AllowedCorsOrigins"); | |||
| b.Navigation("AllowedGrantTypes"); | |||
| b.Navigation("AllowedScopes"); | |||
| b.Navigation("Claims"); | |||
| b.Navigation("ClientSecrets"); | |||
| b.Navigation("IdentityProviderRestrictions"); | |||
| b.Navigation("PostLogoutRedirectUris"); | |||
| b.Navigation("Properties"); | |||
| b.Navigation("RedirectUris"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.IdentityResource", b => | |||
| { | |||
| b.Navigation("Properties"); | |||
| b.Navigation("UserClaims"); | |||
| }); | |||
| #pragma warning restore 612, 618 | |||
| } | |||
| } | |||
| } | |||
+ 0
- 607
src/Services/Identity/Identity.API/Migrations/ConfigurationDb/20210813072543_InitialMigration.cs
View File
| @ -1,607 +0,0 @@ | |||
| using System; | |||
| using Microsoft.EntityFrameworkCore.Migrations; | |||
| namespace Identity.API.Migrations.ConfigurationDb | |||
| { | |||
| public partial class InitialMigration : Migration | |||
| { | |||
| protected override void Up(MigrationBuilder migrationBuilder) | |||
| { | |||
| migrationBuilder.CreateTable( | |||
| name: "ApiResources", | |||
| columns: table => new | |||
| { | |||
| Id = table.Column<int>(type: "int", nullable: false) | |||
| .Annotation("SqlServer:Identity", "1, 1"), | |||
| Enabled = table.Column<bool>(type: "bit", nullable: false), | |||
| Name = table.Column<string>(type: "nvarchar(200)", maxLength: 200, nullable: false), | |||
| DisplayName = table.Column<string>(type: "nvarchar(200)", maxLength: 200, nullable: true), | |||
| Description = table.Column<string>(type: "nvarchar(1000)", maxLength: 1000, nullable: true), | |||
| Created = table.Column<DateTime>(type: "datetime2", nullable: false), | |||
| Updated = table.Column<DateTime>(type: "datetime2", nullable: true), | |||
| LastAccessed = table.Column<DateTime>(type: "datetime2", nullable: true), | |||
| NonEditable = table.Column<bool>(type: "bit", nullable: false) | |||
| }, | |||
| constraints: table => | |||
| { | |||
| table.PrimaryKey("PK_ApiResources", x => x.Id); | |||
| }); | |||
| migrationBuilder.CreateTable( | |||
| name: "Clients", | |||
| columns: table => new | |||
| { | |||
| Id = table.Column<int>(type: "int", nullable: false) | |||
| .Annotation("SqlServer:Identity", "1, 1"), | |||
| Enabled = table.Column<bool>(type: "bit", nullable: false), | |||
| ClientId = table.Column<string>(type: "nvarchar(200)", maxLength: 200, nullable: false), | |||
| ProtocolType = table.Column<string>(type: "nvarchar(200)", maxLength: 200, nullable: false), | |||
| RequireClientSecret = table.Column<bool>(type: "bit", nullable: false), | |||
| ClientName = table.Column<string>(type: "nvarchar(200)", maxLength: 200, nullable: true), | |||
| Description = table.Column<string>(type: "nvarchar(1000)", maxLength: 1000, nullable: true), | |||
| ClientUri = table.Column<string>(type: "nvarchar(2000)", maxLength: 2000, nullable: true), | |||
| LogoUri = table.Column<string>(type: "nvarchar(2000)", maxLength: 2000, nullable: true), | |||
| RequireConsent = table.Column<bool>(type: "bit", nullable: false), | |||
| AllowRememberConsent = table.Column<bool>(type: "bit", nullable: false), | |||
| AlwaysIncludeUserClaimsInIdToken = table.Column<bool>(type: "bit", nullable: false), | |||
| RequirePkce = table.Column<bool>(type: "bit", nullable: false), | |||
| AllowPlainTextPkce = table.Column<bool>(type: "bit", nullable: false), | |||
| AllowAccessTokensViaBrowser = table.Column<bool>(type: "bit", nullable: false), | |||
| FrontChannelLogoutUri = table.Column<string>(type: "nvarchar(2000)", maxLength: 2000, nullable: true), | |||
| FrontChannelLogoutSessionRequired = table.Column<bool>(type: "bit", nullable: false), | |||
| BackChannelLogoutUri = table.Column<string>(type: "nvarchar(2000)", maxLength: 2000, nullable: true), | |||
| BackChannelLogoutSessionRequired = table.Column<bool>(type: "bit", nullable: false), | |||
| AllowOfflineAccess = table.Column<bool>(type: "bit", nullable: false), | |||
| IdentityTokenLifetime = table.Column<int>(type: "int", nullable: false), | |||
| AccessTokenLifetime = table.Column<int>(type: "int", nullable: false), | |||
| AuthorizationCodeLifetime = table.Column<int>(type: "int", nullable: false), | |||
| ConsentLifetime = table.Column<int>(type: "int", nullable: true), | |||
| AbsoluteRefreshTokenLifetime = table.Column<int>(type: "int", nullable: false), | |||
| SlidingRefreshTokenLifetime = table.Column<int>(type: "int", nullable: false), | |||
| RefreshTokenUsage = table.Column<int>(type: "int", nullable: false), | |||
| UpdateAccessTokenClaimsOnRefresh = table.Column<bool>(type: "bit", nullable: false), | |||
| RefreshTokenExpiration = table.Column<int>(type: "int", nullable: false), | |||
| AccessTokenType = table.Column<int>(type: "int", nullable: false), | |||
| EnableLocalLogin = table.Column<bool>(type: "bit", nullable: false), | |||
| IncludeJwtId = table.Column<bool>(type: "bit", nullable: false), | |||
| AlwaysSendClientClaims = table.Column<bool>(type: "bit", nullable: false), | |||
| ClientClaimsPrefix = table.Column<string>(type: "nvarchar(200)", maxLength: 200, nullable: true), | |||
| PairWiseSubjectSalt = table.Column<string>(type: "nvarchar(200)", maxLength: 200, nullable: true), | |||
| Created = table.Column<DateTime>(type: "datetime2", nullable: false), | |||
| Updated = table.Column<DateTime>(type: "datetime2", nullable: true), | |||
| LastAccessed = table.Column<DateTime>(type: "datetime2", nullable: true), | |||
| UserSsoLifetime = table.Column<int>(type: "int", nullable: true), | |||
| UserCodeType = table.Column<string>(type: "nvarchar(100)", maxLength: 100, nullable: true), | |||
| DeviceCodeLifetime = table.Column<int>(type: "int", nullable: false), | |||
| NonEditable = table.Column<bool>(type: "bit", nullable: false) | |||
| }, | |||
| constraints: table => | |||
| { | |||
| table.PrimaryKey("PK_Clients", x => x.Id); | |||
| }); | |||
| migrationBuilder.CreateTable( | |||
| name: "IdentityResources", | |||
| columns: table => new | |||
| { | |||
| Id = table.Column<int>(type: "int", nullable: false) | |||
| .Annotation("SqlServer:Identity", "1, 1"), | |||
| Enabled = table.Column<bool>(type: "bit", nullable: false), | |||
| Name = table.Column<string>(type: "nvarchar(200)", maxLength: 200, nullable: false), | |||
| DisplayName = table.Column<string>(type: "nvarchar(200)", maxLength: 200, nullable: true), | |||
| Description = table.Column<string>(type: "nvarchar(1000)", maxLength: 1000, nullable: true), | |||
| Required = table.Column<bool>(type: "bit", nullable: false), | |||
| Emphasize = table.Column<bool>(type: "bit", nullable: false), | |||
| ShowInDiscoveryDocument = table.Column<bool>(type: "bit", nullable: false), | |||
| Created = table.Column<DateTime>(type: "datetime2", nullable: false), | |||
| Updated = table.Column<DateTime>(type: "datetime2", nullable: true), | |||
| NonEditable = table.Column<bool>(type: "bit", nullable: false) | |||
| }, | |||
| constraints: table => | |||
| { | |||
| table.PrimaryKey("PK_IdentityResources", x => x.Id); | |||
| }); | |||
| migrationBuilder.CreateTable( | |||
| name: "ApiClaims", | |||
| columns: table => new | |||
| { | |||
| Id = table.Column<int>(type: "int", nullable: false) | |||
| .Annotation("SqlServer:Identity", "1, 1"), | |||
| ApiResourceId = table.Column<int>(type: "int", nullable: false), | |||
| Type = table.Column<string>(type: "nvarchar(200)", maxLength: 200, nullable: false) | |||
| }, | |||
| constraints: table => | |||
| { | |||
| table.PrimaryKey("PK_ApiClaims", x => x.Id); | |||
| table.ForeignKey( | |||
| name: "FK_ApiClaims_ApiResources_ApiResourceId", | |||
| column: x => x.ApiResourceId, | |||
| principalTable: "ApiResources", | |||
| principalColumn: "Id", | |||
| onDelete: ReferentialAction.Cascade); | |||
| }); | |||
| migrationBuilder.CreateTable( | |||
| name: "ApiProperties", | |||
| columns: table => new | |||
| { | |||
| Id = table.Column<int>(type: "int", nullable: false) | |||
| .Annotation("SqlServer:Identity", "1, 1"), | |||
| ApiResourceId = table.Column<int>(type: "int", nullable: false), | |||
| Key = table.Column<string>(type: "nvarchar(250)", maxLength: 250, nullable: false), | |||
| Value = table.Column<string>(type: "nvarchar(2000)", maxLength: 2000, nullable: false) | |||
| }, | |||
| constraints: table => | |||
| { | |||
| table.PrimaryKey("PK_ApiProperties", x => x.Id); | |||
| table.ForeignKey( | |||
| name: "FK_ApiProperties_ApiResources_ApiResourceId", | |||
| column: x => x.ApiResourceId, | |||
| principalTable: "ApiResources", | |||
| principalColumn: "Id", | |||
| onDelete: ReferentialAction.Cascade); | |||
| }); | |||
| migrationBuilder.CreateTable( | |||
| name: "ApiScopes", | |||
| columns: table => new | |||
| { | |||
| Id = table.Column<int>(type: "int", nullable: false) | |||
| .Annotation("SqlServer:Identity", "1, 1"), | |||
| Name = table.Column<string>(type: "nvarchar(200)", maxLength: 200, nullable: false), | |||
| DisplayName = table.Column<string>(type: "nvarchar(200)", maxLength: 200, nullable: true), | |||
| Description = table.Column<string>(type: "nvarchar(1000)", maxLength: 1000, nullable: true), | |||
| Required = table.Column<bool>(type: "bit", nullable: false), | |||
| Emphasize = table.Column<bool>(type: "bit", nullable: false), | |||
| ShowInDiscoveryDocument = table.Column<bool>(type: "bit", nullable: false), | |||
| ApiResourceId = table.Column<int>(type: "int", nullable: false) | |||
| }, | |||
| constraints: table => | |||
| { | |||
| table.PrimaryKey("PK_ApiScopes", x => x.Id); | |||
| table.ForeignKey( | |||
| name: "FK_ApiScopes_ApiResources_ApiResourceId", | |||
| column: x => x.ApiResourceId, | |||
| principalTable: "ApiResources", | |||
| principalColumn: "Id", | |||
| onDelete: ReferentialAction.Cascade); | |||
| }); | |||
| migrationBuilder.CreateTable( | |||
| name: "ApiSecrets", | |||
| columns: table => new | |||
| { | |||
| Id = table.Column<int>(type: "int", nullable: false) | |||
| .Annotation("SqlServer:Identity", "1, 1"), | |||
| ApiResourceId = table.Column<int>(type: "int", nullable: false), | |||
| Description = table.Column<string>(type: "nvarchar(1000)", maxLength: 1000, nullable: true), | |||
| Value = table.Column<string>(type: "nvarchar(4000)", maxLength: 4000, nullable: false), | |||
| Expiration = table.Column<DateTime>(type: "datetime2", nullable: true), | |||
| Type = table.Column<string>(type: "nvarchar(250)", maxLength: 250, nullable: false), | |||
| Created = table.Column<DateTime>(type: "datetime2", nullable: false) | |||
| }, | |||
| constraints: table => | |||
| { | |||
| table.PrimaryKey("PK_ApiSecrets", x => x.Id); | |||
| table.ForeignKey( | |||
| name: "FK_ApiSecrets_ApiResources_ApiResourceId", | |||
| column: x => x.ApiResourceId, | |||
| principalTable: "ApiResources", | |||
| principalColumn: "Id", | |||
| onDelete: ReferentialAction.Cascade); | |||
| }); | |||
| migrationBuilder.CreateTable( | |||
| name: "ClientClaims", | |||
| columns: table => new | |||
| { | |||
| Id = table.Column<int>(type: "int", nullable: false) | |||
| .Annotation("SqlServer:Identity", "1, 1"), | |||
| Type = table.Column<string>(type: "nvarchar(250)", maxLength: 250, nullable: false), | |||
| Value = table.Column<string>(type: "nvarchar(250)", maxLength: 250, nullable: false), | |||
| ClientId = table.Column<int>(type: "int", nullable: false) | |||
| }, | |||
| constraints: table => | |||
| { | |||
| table.PrimaryKey("PK_ClientClaims", x => x.Id); | |||
| table.ForeignKey( | |||
| name: "FK_ClientClaims_Clients_ClientId", | |||
| column: x => x.ClientId, | |||
| principalTable: "Clients", | |||
| principalColumn: "Id", | |||
| onDelete: ReferentialAction.Cascade); | |||
| }); | |||
| migrationBuilder.CreateTable( | |||
| name: "ClientCorsOrigins", | |||
| columns: table => new | |||
| { | |||
| Id = table.Column<int>(type: "int", nullable: false) | |||
| .Annotation("SqlServer:Identity", "1, 1"), | |||
| Origin = table.Column<string>(type: "nvarchar(150)", maxLength: 150, nullable: false), | |||
| ClientId = table.Column<int>(type: "int", nullable: false) | |||
| }, | |||
| constraints: table => | |||
| { | |||
| table.PrimaryKey("PK_ClientCorsOrigins", x => x.Id); | |||
| table.ForeignKey( | |||
| name: "FK_ClientCorsOrigins_Clients_ClientId", | |||
| column: x => x.ClientId, | |||
| principalTable: "Clients", | |||
| principalColumn: "Id", | |||
| onDelete: ReferentialAction.Cascade); | |||
| }); | |||
| migrationBuilder.CreateTable( | |||
| name: "ClientGrantTypes", | |||
| columns: table => new | |||
| { | |||
| Id = table.Column<int>(type: "int", nullable: false) | |||
| .Annotation("SqlServer:Identity", "1, 1"), | |||
| GrantType = table.Column<string>(type: "nvarchar(250)", maxLength: 250, nullable: false), | |||
| ClientId = table.Column<int>(type: "int", nullable: false) | |||
| }, | |||
| constraints: table => | |||
| { | |||
| table.PrimaryKey("PK_ClientGrantTypes", x => x.Id); | |||
| table.ForeignKey( | |||
| name: "FK_ClientGrantTypes_Clients_ClientId", | |||
| column: x => x.ClientId, | |||
| principalTable: "Clients", | |||
| principalColumn: "Id", | |||
| onDelete: ReferentialAction.Cascade); | |||
| }); | |||
| migrationBuilder.CreateTable( | |||
| name: "ClientIdPRestrictions", | |||
| columns: table => new | |||
| { | |||
| Id = table.Column<int>(type: "int", nullable: false) | |||
| .Annotation("SqlServer:Identity", "1, 1"), | |||
| Provider = table.Column<string>(type: "nvarchar(200)", maxLength: 200, nullable: false), | |||
| ClientId = table.Column<int>(type: "int", nullable: false) | |||
| }, | |||
| constraints: table => | |||
| { | |||
| table.PrimaryKey("PK_ClientIdPRestrictions", x => x.Id); | |||
| table.ForeignKey( | |||
| name: "FK_ClientIdPRestrictions_Clients_ClientId", | |||
| column: x => x.ClientId, | |||
| principalTable: "Clients", | |||
| principalColumn: "Id", | |||
| onDelete: ReferentialAction.Cascade); | |||
| }); | |||
| migrationBuilder.CreateTable( | |||
| name: "ClientPostLogoutRedirectUris", | |||
| columns: table => new | |||
| { | |||
| Id = table.Column<int>(type: "int", nullable: false) | |||
| .Annotation("SqlServer:Identity", "1, 1"), | |||
| PostLogoutRedirectUri = table.Column<string>(type: "nvarchar(2000)", maxLength: 2000, nullable: false), | |||
| ClientId = table.Column<int>(type: "int", nullable: false) | |||
| }, | |||
| constraints: table => | |||
| { | |||
| table.PrimaryKey("PK_ClientPostLogoutRedirectUris", x => x.Id); | |||
| table.ForeignKey( | |||
| name: "FK_ClientPostLogoutRedirectUris_Clients_ClientId", | |||
| column: x => x.ClientId, | |||
| principalTable: "Clients", | |||
| principalColumn: "Id", | |||
| onDelete: ReferentialAction.Cascade); | |||
| }); | |||
| migrationBuilder.CreateTable( | |||
| name: "ClientProperties", | |||
| columns: table => new | |||
| { | |||
| Id = table.Column<int>(type: "int", nullable: false) | |||
| .Annotation("SqlServer:Identity", "1, 1"), | |||
| ClientId = table.Column<int>(type: "int", nullable: false), | |||
| Key = table.Column<string>(type: "nvarchar(250)", maxLength: 250, nullable: false), | |||
| Value = table.Column<string>(type: "nvarchar(2000)", maxLength: 2000, nullable: false) | |||
| }, | |||
| constraints: table => | |||
| { | |||
| table.PrimaryKey("PK_ClientProperties", x => x.Id); | |||
| table.ForeignKey( | |||
| name: "FK_ClientProperties_Clients_ClientId", | |||
| column: x => x.ClientId, | |||
| principalTable: "Clients", | |||
| principalColumn: "Id", | |||
| onDelete: ReferentialAction.Cascade); | |||
| }); | |||
| migrationBuilder.CreateTable( | |||
| name: "ClientRedirectUris", | |||
| columns: table => new | |||
| { | |||
| Id = table.Column<int>(type: "int", nullable: false) | |||
| .Annotation("SqlServer:Identity", "1, 1"), | |||
| RedirectUri = table.Column<string>(type: "nvarchar(2000)", maxLength: 2000, nullable: false), | |||
| ClientId = table.Column<int>(type: "int", nullable: false) | |||
| }, | |||
| constraints: table => | |||
| { | |||
| table.PrimaryKey("PK_ClientRedirectUris", x => x.Id); | |||
| table.ForeignKey( | |||
| name: "FK_ClientRedirectUris_Clients_ClientId", | |||
| column: x => x.ClientId, | |||
| principalTable: "Clients", | |||
| principalColumn: "Id", | |||
| onDelete: ReferentialAction.Cascade); | |||
| }); | |||
| migrationBuilder.CreateTable( | |||
| name: "ClientScopes", | |||
| columns: table => new | |||
| { | |||
| Id = table.Column<int>(type: "int", nullable: false) | |||
| .Annotation("SqlServer:Identity", "1, 1"), | |||
| Scope = table.Column<string>(type: "nvarchar(200)", maxLength: 200, nullable: false), | |||
| ClientId = table.Column<int>(type: "int", nullable: false) | |||
| }, | |||
| constraints: table => | |||
| { | |||
| table.PrimaryKey("PK_ClientScopes", x => x.Id); | |||
| table.ForeignKey( | |||
| name: "FK_ClientScopes_Clients_ClientId", | |||
| column: x => x.ClientId, | |||
| principalTable: "Clients", | |||
| principalColumn: "Id", | |||
| onDelete: ReferentialAction.Cascade); | |||
| }); | |||
| migrationBuilder.CreateTable( | |||
| name: "ClientSecrets", | |||
| columns: table => new | |||
| { | |||
| Id = table.Column<int>(type: "int", nullable: false) | |||
| .Annotation("SqlServer:Identity", "1, 1"), | |||
| ClientId = table.Column<int>(type: "int", nullable: false), | |||
| Description = table.Column<string>(type: "nvarchar(2000)", maxLength: 2000, nullable: true), | |||
| Value = table.Column<string>(type: "nvarchar(4000)", maxLength: 4000, nullable: false), | |||
| Expiration = table.Column<DateTime>(type: "datetime2", nullable: true), | |||
| Type = table.Column<string>(type: "nvarchar(250)", maxLength: 250, nullable: false), | |||
| Created = table.Column<DateTime>(type: "datetime2", nullable: false) | |||
| }, | |||
| constraints: table => | |||
| { | |||
| table.PrimaryKey("PK_ClientSecrets", x => x.Id); | |||
| table.ForeignKey( | |||
| name: "FK_ClientSecrets_Clients_ClientId", | |||
| column: x => x.ClientId, | |||
| principalTable: "Clients", | |||
| principalColumn: "Id", | |||
| onDelete: ReferentialAction.Cascade); | |||
| }); | |||
| migrationBuilder.CreateTable( | |||
| name: "IdentityClaims", | |||
| columns: table => new | |||
| { | |||
| Id = table.Column<int>(type: "int", nullable: false) | |||
| .Annotation("SqlServer:Identity", "1, 1"), | |||
| IdentityResourceId = table.Column<int>(type: "int", nullable: false), | |||
| Type = table.Column<string>(type: "nvarchar(200)", maxLength: 200, nullable: false) | |||
| }, | |||
| constraints: table => | |||
| { | |||
| table.PrimaryKey("PK_IdentityClaims", x => x.Id); | |||
| table.ForeignKey( | |||
| name: "FK_IdentityClaims_IdentityResources_IdentityResourceId", | |||
| column: x => x.IdentityResourceId, | |||
| principalTable: "IdentityResources", | |||
| principalColumn: "Id", | |||
| onDelete: ReferentialAction.Cascade); | |||
| }); | |||
| migrationBuilder.CreateTable( | |||
| name: "IdentityProperties", | |||
| columns: table => new | |||
| { | |||
| Id = table.Column<int>(type: "int", nullable: false) | |||
| .Annotation("SqlServer:Identity", "1, 1"), | |||
| IdentityResourceId = table.Column<int>(type: "int", nullable: false), | |||
| Key = table.Column<string>(type: "nvarchar(250)", maxLength: 250, nullable: false), | |||
| Value = table.Column<string>(type: "nvarchar(2000)", maxLength: 2000, nullable: false) | |||
| }, | |||
| constraints: table => | |||
| { | |||
| table.PrimaryKey("PK_IdentityProperties", x => x.Id); | |||
| table.ForeignKey( | |||
| name: "FK_IdentityProperties_IdentityResources_IdentityResourceId", | |||
| column: x => x.IdentityResourceId, | |||
| principalTable: "IdentityResources", | |||
| principalColumn: "Id", | |||
| onDelete: ReferentialAction.Cascade); | |||
| }); | |||
| migrationBuilder.CreateTable( | |||
| name: "ApiScopeClaims", | |||
| columns: table => new | |||
| { | |||
| Id = table.Column<int>(type: "int", nullable: false) | |||
| .Annotation("SqlServer:Identity", "1, 1"), | |||
| ApiScopeId = table.Column<int>(type: "int", nullable: false), | |||
| Type = table.Column<string>(type: "nvarchar(200)", maxLength: 200, nullable: false) | |||
| }, | |||
| constraints: table => | |||
| { | |||
| table.PrimaryKey("PK_ApiScopeClaims", x => x.Id); | |||
| table.ForeignKey( | |||
| name: "FK_ApiScopeClaims_ApiScopes_ApiScopeId", | |||
| column: x => x.ApiScopeId, | |||
| principalTable: "ApiScopes", | |||
| principalColumn: "Id", | |||
| onDelete: ReferentialAction.Cascade); | |||
| }); | |||
| migrationBuilder.CreateIndex( | |||
| name: "IX_ApiClaims_ApiResourceId", | |||
| table: "ApiClaims", | |||
| column: "ApiResourceId"); | |||
| migrationBuilder.CreateIndex( | |||
| name: "IX_ApiProperties_ApiResourceId", | |||
| table: "ApiProperties", | |||
| column: "ApiResourceId"); | |||
| migrationBuilder.CreateIndex( | |||
| name: "IX_ApiResources_Name", | |||
| table: "ApiResources", | |||
| column: "Name", | |||
| unique: true); | |||
| migrationBuilder.CreateIndex( | |||
| name: "IX_ApiScopeClaims_ApiScopeId", | |||
| table: "ApiScopeClaims", | |||
| column: "ApiScopeId"); | |||
| migrationBuilder.CreateIndex( | |||
| name: "IX_ApiScopes_ApiResourceId", | |||
| table: "ApiScopes", | |||
| column: "ApiResourceId"); | |||
| migrationBuilder.CreateIndex( | |||
| name: "IX_ApiScopes_Name", | |||
| table: "ApiScopes", | |||
| column: "Name", | |||
| unique: true); | |||
| migrationBuilder.CreateIndex( | |||
| name: "IX_ApiSecrets_ApiResourceId", | |||
| table: "ApiSecrets", | |||
| column: "ApiResourceId"); | |||
| migrationBuilder.CreateIndex( | |||
| name: "IX_ClientClaims_ClientId", | |||
| table: "ClientClaims", | |||
| column: "ClientId"); | |||
| migrationBuilder.CreateIndex( | |||
| name: "IX_ClientCorsOrigins_ClientId", | |||
| table: "ClientCorsOrigins", | |||
| column: "ClientId"); | |||
| migrationBuilder.CreateIndex( | |||
| name: "IX_ClientGrantTypes_ClientId", | |||
| table: "ClientGrantTypes", | |||
| column: "ClientId"); | |||
| migrationBuilder.CreateIndex( | |||
| name: "IX_ClientIdPRestrictions_ClientId", | |||
| table: "ClientIdPRestrictions", | |||
| column: "ClientId"); | |||
| migrationBuilder.CreateIndex( | |||
| name: "IX_ClientPostLogoutRedirectUris_ClientId", | |||
| table: "ClientPostLogoutRedirectUris", | |||
| column: "ClientId"); | |||
| migrationBuilder.CreateIndex( | |||
| name: "IX_ClientProperties_ClientId", | |||
| table: "ClientProperties", | |||
| column: "ClientId"); | |||
| migrationBuilder.CreateIndex( | |||
| name: "IX_ClientRedirectUris_ClientId", | |||
| table: "ClientRedirectUris", | |||
| column: "ClientId"); | |||
| migrationBuilder.CreateIndex( | |||
| name: "IX_Clients_ClientId", | |||
| table: "Clients", | |||
| column: "ClientId", | |||
| unique: true); | |||
| migrationBuilder.CreateIndex( | |||
| name: "IX_ClientScopes_ClientId", | |||
| table: "ClientScopes", | |||
| column: "ClientId"); | |||
| migrationBuilder.CreateIndex( | |||
| name: "IX_ClientSecrets_ClientId", | |||
| table: "ClientSecrets", | |||
| column: "ClientId"); | |||
| migrationBuilder.CreateIndex( | |||
| name: "IX_IdentityClaims_IdentityResourceId", | |||
| table: "IdentityClaims", | |||
| column: "IdentityResourceId"); | |||
| migrationBuilder.CreateIndex( | |||
| name: "IX_IdentityProperties_IdentityResourceId", | |||
| table: "IdentityProperties", | |||
| column: "IdentityResourceId"); | |||
| migrationBuilder.CreateIndex( | |||
| name: "IX_IdentityResources_Name", | |||
| table: "IdentityResources", | |||
| column: "Name", | |||
| unique: true); | |||
| } | |||
| protected override void Down(MigrationBuilder migrationBuilder) | |||
| { | |||
| migrationBuilder.DropTable( | |||
| name: "ApiClaims"); | |||
| migrationBuilder.DropTable( | |||
| name: "ApiProperties"); | |||
| migrationBuilder.DropTable( | |||
| name: "ApiScopeClaims"); | |||
| migrationBuilder.DropTable( | |||
| name: "ApiSecrets"); | |||
| migrationBuilder.DropTable( | |||
| name: "ClientClaims"); | |||
| migrationBuilder.DropTable( | |||
| name: "ClientCorsOrigins"); | |||
| migrationBuilder.DropTable( | |||
| name: "ClientGrantTypes"); | |||
| migrationBuilder.DropTable( | |||
| name: "ClientIdPRestrictions"); | |||
| migrationBuilder.DropTable( | |||
| name: "ClientPostLogoutRedirectUris"); | |||
| migrationBuilder.DropTable( | |||
| name: "ClientProperties"); | |||
| migrationBuilder.DropTable( | |||
| name: "ClientRedirectUris"); | |||
| migrationBuilder.DropTable( | |||
| name: "ClientScopes"); | |||
| migrationBuilder.DropTable( | |||
| name: "ClientSecrets"); | |||
| migrationBuilder.DropTable( | |||
| name: "IdentityClaims"); | |||
| migrationBuilder.DropTable( | |||
| name: "IdentityProperties"); | |||
| migrationBuilder.DropTable( | |||
| name: "ApiScopes"); | |||
| migrationBuilder.DropTable( | |||
| name: "Clients"); | |||
| migrationBuilder.DropTable( | |||
| name: "IdentityResources"); | |||
| migrationBuilder.DropTable( | |||
| name: "ApiResources"); | |||
| } | |||
| } | |||
| } | |||
+ 0
- 909
src/Services/Identity/Identity.API/Migrations/ConfigurationDb/ConfigurationDbContextModelSnapshot.cs
View File
| @ -1,909 +0,0 @@ | |||
| // <auto-generated /> | |||
| using System; | |||
| using IdentityServer4.EntityFramework.DbContexts; | |||
| using Microsoft.EntityFrameworkCore; | |||
| using Microsoft.EntityFrameworkCore.Infrastructure; | |||
| using Microsoft.EntityFrameworkCore.Metadata; | |||
| using Microsoft.EntityFrameworkCore.Storage.ValueConversion; | |||
| namespace Identity.API.Migrations.ConfigurationDb | |||
| { | |||
| [DbContext(typeof(ConfigurationDbContext))] | |||
| partial class ConfigurationDbContextModelSnapshot : ModelSnapshot | |||
| { | |||
| protected override void BuildModel(ModelBuilder modelBuilder) | |||
| { | |||
| #pragma warning disable 612, 618 | |||
| modelBuilder | |||
| .HasAnnotation("Relational:MaxIdentifierLength", 128) | |||
| .HasAnnotation("ProductVersion", "6.0.0") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiResource", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<DateTime>("Created") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("Description") | |||
| .HasMaxLength(1000) | |||
| .HasColumnType("nvarchar(1000)"); | |||
| b.Property<string>("DisplayName") | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<bool>("Enabled") | |||
| .HasColumnType("bit"); | |||
| b.Property<DateTime?>("LastAccessed") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("Name") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<bool>("NonEditable") | |||
| .HasColumnType("bit"); | |||
| b.Property<DateTime?>("Updated") | |||
| .HasColumnType("datetime2"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("Name") | |||
| .IsUnique(); | |||
| b.ToTable("ApiResources", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiResourceClaim", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ApiResourceId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("Type") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ApiResourceId"); | |||
| b.ToTable("ApiClaims", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiResourceProperty", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ApiResourceId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("Key") | |||
| .IsRequired() | |||
| .HasMaxLength(250) | |||
| .HasColumnType("nvarchar(250)"); | |||
| b.Property<string>("Value") | |||
| .IsRequired() | |||
| .HasMaxLength(2000) | |||
| .HasColumnType("nvarchar(2000)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ApiResourceId"); | |||
| b.ToTable("ApiProperties", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiScope", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ApiResourceId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("Description") | |||
| .HasMaxLength(1000) | |||
| .HasColumnType("nvarchar(1000)"); | |||
| b.Property<string>("DisplayName") | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<bool>("Emphasize") | |||
| .HasColumnType("bit"); | |||
| b.Property<string>("Name") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<bool>("Required") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("ShowInDiscoveryDocument") | |||
| .HasColumnType("bit"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ApiResourceId"); | |||
| b.HasIndex("Name") | |||
| .IsUnique(); | |||
| b.ToTable("ApiScopes", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiScopeClaim", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ApiScopeId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("Type") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ApiScopeId"); | |||
| b.ToTable("ApiScopeClaims", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiSecret", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ApiResourceId") | |||
| .HasColumnType("int"); | |||
| b.Property<DateTime>("Created") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("Description") | |||
| .HasMaxLength(1000) | |||
| .HasColumnType("nvarchar(1000)"); | |||
| b.Property<DateTime?>("Expiration") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("Type") | |||
| .IsRequired() | |||
| .HasMaxLength(250) | |||
| .HasColumnType("nvarchar(250)"); | |||
| b.Property<string>("Value") | |||
| .IsRequired() | |||
| .HasMaxLength(4000) | |||
| .HasColumnType("nvarchar(4000)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ApiResourceId"); | |||
| b.ToTable("ApiSecrets", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.Client", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("AbsoluteRefreshTokenLifetime") | |||
| .HasColumnType("int"); | |||
| b.Property<int>("AccessTokenLifetime") | |||
| .HasColumnType("int"); | |||
| b.Property<int>("AccessTokenType") | |||
| .HasColumnType("int"); | |||
| b.Property<bool>("AllowAccessTokensViaBrowser") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("AllowOfflineAccess") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("AllowPlainTextPkce") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("AllowRememberConsent") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("AlwaysIncludeUserClaimsInIdToken") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("AlwaysSendClientClaims") | |||
| .HasColumnType("bit"); | |||
| b.Property<int>("AuthorizationCodeLifetime") | |||
| .HasColumnType("int"); | |||
| b.Property<bool>("BackChannelLogoutSessionRequired") | |||
| .HasColumnType("bit"); | |||
| b.Property<string>("BackChannelLogoutUri") | |||
| .HasMaxLength(2000) | |||
| .HasColumnType("nvarchar(2000)"); | |||
| b.Property<string>("ClientClaimsPrefix") | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<string>("ClientId") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<string>("ClientName") | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<string>("ClientUri") | |||
| .HasMaxLength(2000) | |||
| .HasColumnType("nvarchar(2000)"); | |||
| b.Property<int?>("ConsentLifetime") | |||
| .HasColumnType("int"); | |||
| b.Property<DateTime>("Created") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("Description") | |||
| .HasMaxLength(1000) | |||
| .HasColumnType("nvarchar(1000)"); | |||
| b.Property<int>("DeviceCodeLifetime") | |||
| .HasColumnType("int"); | |||
| b.Property<bool>("EnableLocalLogin") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("Enabled") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("FrontChannelLogoutSessionRequired") | |||
| .HasColumnType("bit"); | |||
| b.Property<string>("FrontChannelLogoutUri") | |||
| .HasMaxLength(2000) | |||
| .HasColumnType("nvarchar(2000)"); | |||
| b.Property<int>("IdentityTokenLifetime") | |||
| .HasColumnType("int"); | |||
| b.Property<bool>("IncludeJwtId") | |||
| .HasColumnType("bit"); | |||
| b.Property<DateTime?>("LastAccessed") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("LogoUri") | |||
| .HasMaxLength(2000) | |||
| .HasColumnType("nvarchar(2000)"); | |||
| b.Property<bool>("NonEditable") | |||
| .HasColumnType("bit"); | |||
| b.Property<string>("PairWiseSubjectSalt") | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<string>("ProtocolType") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<int>("RefreshTokenExpiration") | |||
| .HasColumnType("int"); | |||
| b.Property<int>("RefreshTokenUsage") | |||
| .HasColumnType("int"); | |||
| b.Property<bool>("RequireClientSecret") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("RequireConsent") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("RequirePkce") | |||
| .HasColumnType("bit"); | |||
| b.Property<int>("SlidingRefreshTokenLifetime") | |||
| .HasColumnType("int"); | |||
| b.Property<bool>("UpdateAccessTokenClaimsOnRefresh") | |||
| .HasColumnType("bit"); | |||
| b.Property<DateTime?>("Updated") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("UserCodeType") | |||
| .HasMaxLength(100) | |||
| .HasColumnType("nvarchar(100)"); | |||
| b.Property<int?>("UserSsoLifetime") | |||
| .HasColumnType("int"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ClientId") | |||
| .IsUnique(); | |||
| b.ToTable("Clients", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientClaim", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ClientId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("Type") | |||
| .IsRequired() | |||
| .HasMaxLength(250) | |||
| .HasColumnType("nvarchar(250)"); | |||
| b.Property<string>("Value") | |||
| .IsRequired() | |||
| .HasMaxLength(250) | |||
| .HasColumnType("nvarchar(250)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ClientId"); | |||
| b.ToTable("ClientClaims", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientCorsOrigin", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ClientId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("Origin") | |||
| .IsRequired() | |||
| .HasMaxLength(150) | |||
| .HasColumnType("nvarchar(150)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ClientId"); | |||
| b.ToTable("ClientCorsOrigins", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientGrantType", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ClientId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("GrantType") | |||
| .IsRequired() | |||
| .HasMaxLength(250) | |||
| .HasColumnType("nvarchar(250)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ClientId"); | |||
| b.ToTable("ClientGrantTypes", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientIdPRestriction", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ClientId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("Provider") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ClientId"); | |||
| b.ToTable("ClientIdPRestrictions", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientPostLogoutRedirectUri", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ClientId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("PostLogoutRedirectUri") | |||
| .IsRequired() | |||
| .HasMaxLength(2000) | |||
| .HasColumnType("nvarchar(2000)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ClientId"); | |||
| b.ToTable("ClientPostLogoutRedirectUris", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientProperty", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ClientId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("Key") | |||
| .IsRequired() | |||
| .HasMaxLength(250) | |||
| .HasColumnType("nvarchar(250)"); | |||
| b.Property<string>("Value") | |||
| .IsRequired() | |||
| .HasMaxLength(2000) | |||
| .HasColumnType("nvarchar(2000)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ClientId"); | |||
| b.ToTable("ClientProperties", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientRedirectUri", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ClientId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("RedirectUri") | |||
| .IsRequired() | |||
| .HasMaxLength(2000) | |||
| .HasColumnType("nvarchar(2000)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ClientId"); | |||
| b.ToTable("ClientRedirectUris", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientScope", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ClientId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("Scope") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ClientId"); | |||
| b.ToTable("ClientScopes", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientSecret", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("ClientId") | |||
| .HasColumnType("int"); | |||
| b.Property<DateTime>("Created") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("Description") | |||
| .HasMaxLength(2000) | |||
| .HasColumnType("nvarchar(2000)"); | |||
| b.Property<DateTime?>("Expiration") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("Type") | |||
| .IsRequired() | |||
| .HasMaxLength(250) | |||
| .HasColumnType("nvarchar(250)"); | |||
| b.Property<string>("Value") | |||
| .IsRequired() | |||
| .HasMaxLength(4000) | |||
| .HasColumnType("nvarchar(4000)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("ClientId"); | |||
| b.ToTable("ClientSecrets", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.IdentityClaim", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("IdentityResourceId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("Type") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("IdentityResourceId"); | |||
| b.ToTable("IdentityClaims", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.IdentityResource", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<DateTime>("Created") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("Description") | |||
| .HasMaxLength(1000) | |||
| .HasColumnType("nvarchar(1000)"); | |||
| b.Property<string>("DisplayName") | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<bool>("Emphasize") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("Enabled") | |||
| .HasColumnType("bit"); | |||
| b.Property<string>("Name") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<bool>("NonEditable") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("Required") | |||
| .HasColumnType("bit"); | |||
| b.Property<bool>("ShowInDiscoveryDocument") | |||
| .HasColumnType("bit"); | |||
| b.Property<DateTime?>("Updated") | |||
| .HasColumnType("datetime2"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("Name") | |||
| .IsUnique(); | |||
| b.ToTable("IdentityResources", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.IdentityResourceProperty", b => | |||
| { | |||
| b.Property<int>("Id") | |||
| .ValueGeneratedOnAdd() | |||
| .HasColumnType("int") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| b.Property<int>("IdentityResourceId") | |||
| .HasColumnType("int"); | |||
| b.Property<string>("Key") | |||
| .IsRequired() | |||
| .HasMaxLength(250) | |||
| .HasColumnType("nvarchar(250)"); | |||
| b.Property<string>("Value") | |||
| .IsRequired() | |||
| .HasMaxLength(2000) | |||
| .HasColumnType("nvarchar(2000)"); | |||
| b.HasKey("Id"); | |||
| b.HasIndex("IdentityResourceId"); | |||
| b.ToTable("IdentityProperties", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiResourceClaim", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.ApiResource", "ApiResource") | |||
| .WithMany("UserClaims") | |||
| .HasForeignKey("ApiResourceId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("ApiResource"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiResourceProperty", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.ApiResource", "ApiResource") | |||
| .WithMany("Properties") | |||
| .HasForeignKey("ApiResourceId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("ApiResource"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiScope", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.ApiResource", "ApiResource") | |||
| .WithMany("Scopes") | |||
| .HasForeignKey("ApiResourceId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("ApiResource"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiScopeClaim", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.ApiScope", "ApiScope") | |||
| .WithMany("UserClaims") | |||
| .HasForeignKey("ApiScopeId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("ApiScope"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiSecret", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.ApiResource", "ApiResource") | |||
| .WithMany("Secrets") | |||
| .HasForeignKey("ApiResourceId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("ApiResource"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientClaim", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") | |||
| .WithMany("Claims") | |||
| .HasForeignKey("ClientId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("Client"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientCorsOrigin", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") | |||
| .WithMany("AllowedCorsOrigins") | |||
| .HasForeignKey("ClientId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("Client"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientGrantType", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") | |||
| .WithMany("AllowedGrantTypes") | |||
| .HasForeignKey("ClientId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("Client"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientIdPRestriction", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") | |||
| .WithMany("IdentityProviderRestrictions") | |||
| .HasForeignKey("ClientId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("Client"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientPostLogoutRedirectUri", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") | |||
| .WithMany("PostLogoutRedirectUris") | |||
| .HasForeignKey("ClientId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("Client"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientProperty", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") | |||
| .WithMany("Properties") | |||
| .HasForeignKey("ClientId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("Client"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientRedirectUri", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") | |||
| .WithMany("RedirectUris") | |||
| .HasForeignKey("ClientId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("Client"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientScope", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") | |||
| .WithMany("AllowedScopes") | |||
| .HasForeignKey("ClientId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("Client"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ClientSecret", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.Client", "Client") | |||
| .WithMany("ClientSecrets") | |||
| .HasForeignKey("ClientId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("Client"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.IdentityClaim", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.IdentityResource", "IdentityResource") | |||
| .WithMany("UserClaims") | |||
| .HasForeignKey("IdentityResourceId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("IdentityResource"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.IdentityResourceProperty", b => | |||
| { | |||
| b.HasOne("IdentityServer4.EntityFramework.Entities.IdentityResource", "IdentityResource") | |||
| .WithMany("Properties") | |||
| .HasForeignKey("IdentityResourceId") | |||
| .OnDelete(DeleteBehavior.Cascade) | |||
| .IsRequired(); | |||
| b.Navigation("IdentityResource"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiResource", b => | |||
| { | |||
| b.Navigation("Properties"); | |||
| b.Navigation("Scopes"); | |||
| b.Navigation("Secrets"); | |||
| b.Navigation("UserClaims"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.ApiScope", b => | |||
| { | |||
| b.Navigation("UserClaims"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.Client", b => | |||
| { | |||
| b.Navigation("AllowedCorsOrigins"); | |||
| b.Navigation("AllowedGrantTypes"); | |||
| b.Navigation("AllowedScopes"); | |||
| b.Navigation("Claims"); | |||
| b.Navigation("ClientSecrets"); | |||
| b.Navigation("IdentityProviderRestrictions"); | |||
| b.Navigation("PostLogoutRedirectUris"); | |||
| b.Navigation("Properties"); | |||
| b.Navigation("RedirectUris"); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.IdentityResource", b => | |||
| { | |||
| b.Navigation("Properties"); | |||
| b.Navigation("UserClaims"); | |||
| }); | |||
| #pragma warning restore 612, 618 | |||
| } | |||
| } | |||
| } | |||
+ 0
- 108
src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20210813072513_InitialMigration.Designer.cs
View File
| @ -1,108 +0,0 @@ | |||
| // <auto-generated /> | |||
| using System; | |||
| using IdentityServer4.EntityFramework.DbContexts; | |||
| using Microsoft.EntityFrameworkCore; | |||
| using Microsoft.EntityFrameworkCore.Infrastructure; | |||
| using Microsoft.EntityFrameworkCore.Metadata; | |||
| using Microsoft.EntityFrameworkCore.Migrations; | |||
| using Microsoft.EntityFrameworkCore.Storage.ValueConversion; | |||
| namespace Identity.API.Migrations.PersistedGrantDb | |||
| { | |||
| [DbContext(typeof(PersistedGrantDbContext))] | |||
| [Migration("20210813072513_InitialMigration")] | |||
| partial class InitialMigration | |||
| { | |||
| protected override void BuildTargetModel(ModelBuilder modelBuilder) | |||
| { | |||
| #pragma warning disable 612, 618 | |||
| modelBuilder | |||
| .HasAnnotation("Relational:MaxIdentifierLength", 128) | |||
| .HasAnnotation("ProductVersion", "6.0.0") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.DeviceFlowCodes", b => | |||
| { | |||
| b.Property<string>("UserCode") | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<string>("ClientId") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<DateTime>("CreationTime") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("Data") | |||
| .IsRequired() | |||
| .HasMaxLength(50000) | |||
| .HasColumnType("nvarchar(max)"); | |||
| b.Property<string>("DeviceCode") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<DateTime?>("Expiration") | |||
| .IsRequired() | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("SubjectId") | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.HasKey("UserCode"); | |||
| b.HasIndex("DeviceCode") | |||
| .IsUnique(); | |||
| b.HasIndex("Expiration"); | |||
| b.ToTable("DeviceCodes", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.PersistedGrant", b => | |||
| { | |||
| b.Property<string>("Key") | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<string>("ClientId") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<DateTime>("CreationTime") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("Data") | |||
| .IsRequired() | |||
| .HasMaxLength(50000) | |||
| .HasColumnType("nvarchar(max)"); | |||
| b.Property<DateTime?>("Expiration") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("SubjectId") | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<string>("Type") | |||
| .IsRequired() | |||
| .HasMaxLength(50) | |||
| .HasColumnType("nvarchar(50)"); | |||
| b.HasKey("Key"); | |||
| b.HasIndex("Expiration"); | |||
| b.HasIndex("SubjectId", "ClientId", "Type"); | |||
| b.ToTable("PersistedGrants", (string)null); | |||
| }); | |||
| #pragma warning restore 612, 618 | |||
| } | |||
| } | |||
| } | |||
+ 0
- 75
src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/20210813072513_InitialMigration.cs
View File
| @ -1,75 +0,0 @@ | |||
| using System; | |||
| using Microsoft.EntityFrameworkCore.Migrations; | |||
| namespace Identity.API.Migrations.PersistedGrantDb | |||
| { | |||
| public partial class InitialMigration : Migration | |||
| { | |||
| protected override void Up(MigrationBuilder migrationBuilder) | |||
| { | |||
| migrationBuilder.CreateTable( | |||
| name: "DeviceCodes", | |||
| columns: table => new | |||
| { | |||
| UserCode = table.Column<string>(type: "nvarchar(200)", maxLength: 200, nullable: false), | |||
| DeviceCode = table.Column<string>(type: "nvarchar(200)", maxLength: 200, nullable: false), | |||
| SubjectId = table.Column<string>(type: "nvarchar(200)", maxLength: 200, nullable: true), | |||
| ClientId = table.Column<string>(type: "nvarchar(200)", maxLength: 200, nullable: false), | |||
| CreationTime = table.Column<DateTime>(type: "datetime2", nullable: false), | |||
| Expiration = table.Column<DateTime>(type: "datetime2", nullable: false), | |||
| Data = table.Column<string>(type: "nvarchar(max)", maxLength: 50000, nullable: false) | |||
| }, | |||
| constraints: table => | |||
| { | |||
| table.PrimaryKey("PK_DeviceCodes", x => x.UserCode); | |||
| }); | |||
| migrationBuilder.CreateTable( | |||
| name: "PersistedGrants", | |||
| columns: table => new | |||
| { | |||
| Key = table.Column<string>(type: "nvarchar(200)", maxLength: 200, nullable: false), | |||
| Type = table.Column<string>(type: "nvarchar(50)", maxLength: 50, nullable: false), | |||
| SubjectId = table.Column<string>(type: "nvarchar(200)", maxLength: 200, nullable: true), | |||
| ClientId = table.Column<string>(type: "nvarchar(200)", maxLength: 200, nullable: false), | |||
| CreationTime = table.Column<DateTime>(type: "datetime2", nullable: false), | |||
| Expiration = table.Column<DateTime>(type: "datetime2", nullable: true), | |||
| Data = table.Column<string>(type: "nvarchar(max)", maxLength: 50000, nullable: false) | |||
| }, | |||
| constraints: table => | |||
| { | |||
| table.PrimaryKey("PK_PersistedGrants", x => x.Key); | |||
| }); | |||
| migrationBuilder.CreateIndex( | |||
| name: "IX_DeviceCodes_DeviceCode", | |||
| table: "DeviceCodes", | |||
| column: "DeviceCode", | |||
| unique: true); | |||
| migrationBuilder.CreateIndex( | |||
| name: "IX_DeviceCodes_Expiration", | |||
| table: "DeviceCodes", | |||
| column: "Expiration"); | |||
| migrationBuilder.CreateIndex( | |||
| name: "IX_PersistedGrants_Expiration", | |||
| table: "PersistedGrants", | |||
| column: "Expiration"); | |||
| migrationBuilder.CreateIndex( | |||
| name: "IX_PersistedGrants_SubjectId_ClientId_Type", | |||
| table: "PersistedGrants", | |||
| columns: new[] { "SubjectId", "ClientId", "Type" }); | |||
| } | |||
| protected override void Down(MigrationBuilder migrationBuilder) | |||
| { | |||
| migrationBuilder.DropTable( | |||
| name: "DeviceCodes"); | |||
| migrationBuilder.DropTable( | |||
| name: "PersistedGrants"); | |||
| } | |||
| } | |||
| } | |||
+ 0
- 106
src/Services/Identity/Identity.API/Migrations/PersistedGrantDb/PersistedGrantDbContextModelSnapshot.cs
View File
| @ -1,106 +0,0 @@ | |||
| // <auto-generated /> | |||
| using System; | |||
| using IdentityServer4.EntityFramework.DbContexts; | |||
| using Microsoft.EntityFrameworkCore; | |||
| using Microsoft.EntityFrameworkCore.Infrastructure; | |||
| using Microsoft.EntityFrameworkCore.Metadata; | |||
| using Microsoft.EntityFrameworkCore.Storage.ValueConversion; | |||
| namespace Identity.API.Migrations.PersistedGrantDb | |||
| { | |||
| [DbContext(typeof(PersistedGrantDbContext))] | |||
| partial class PersistedGrantDbContextModelSnapshot : ModelSnapshot | |||
| { | |||
| protected override void BuildModel(ModelBuilder modelBuilder) | |||
| { | |||
| #pragma warning disable 612, 618 | |||
| modelBuilder | |||
| .HasAnnotation("Relational:MaxIdentifierLength", 128) | |||
| .HasAnnotation("ProductVersion", "6.0.0") | |||
| .HasAnnotation("SqlServer:ValueGenerationStrategy", SqlServerValueGenerationStrategy.IdentityColumn); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.DeviceFlowCodes", b => | |||
| { | |||
| b.Property<string>("UserCode") | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<string>("ClientId") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<DateTime>("CreationTime") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("Data") | |||
| .IsRequired() | |||
| .HasMaxLength(50000) | |||
| .HasColumnType("nvarchar(max)"); | |||
| b.Property<string>("DeviceCode") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<DateTime?>("Expiration") | |||
| .IsRequired() | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("SubjectId") | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.HasKey("UserCode"); | |||
| b.HasIndex("DeviceCode") | |||
| .IsUnique(); | |||
| b.HasIndex("Expiration"); | |||
| b.ToTable("DeviceCodes", (string)null); | |||
| }); | |||
| modelBuilder.Entity("IdentityServer4.EntityFramework.Entities.PersistedGrant", b => | |||
| { | |||
| b.Property<string>("Key") | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<string>("ClientId") | |||
| .IsRequired() | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<DateTime>("CreationTime") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("Data") | |||
| .IsRequired() | |||
| .HasMaxLength(50000) | |||
| .HasColumnType("nvarchar(max)"); | |||
| b.Property<DateTime?>("Expiration") | |||
| .HasColumnType("datetime2"); | |||
| b.Property<string>("SubjectId") | |||
| .HasMaxLength(200) | |||
| .HasColumnType("nvarchar(200)"); | |||
| b.Property<string>("Type") | |||
| .IsRequired() | |||
| .HasMaxLength(50) | |||
| .HasColumnType("nvarchar(50)"); | |||
| b.HasKey("Key"); | |||
| b.HasIndex("Expiration"); | |||
| b.HasIndex("SubjectId", "ClientId", "Type"); | |||
| b.ToTable("PersistedGrants", (string)null); | |||
| }); | |||
| #pragma warning restore 612, 618 | |||
| } | |||
| } | |||
| } | |||
+ 0
- 10
src/Services/Identity/Identity.API/Models/AccountViewModels/ConsentInputModel.cs
View File
| @ -1,10 +0,0 @@ | |||
| namespace Microsoft.eShopOnContainers.Services.Identity.API.Models.AccountViewModels | |||
| { | |||
| public record ConsentInputModel | |||
| { | |||
| public string Button { get; init; } | |||
| public IEnumerable<string> ScopesConsented { get; init; } | |||
| public bool RememberConsent { get; init; } | |||
| public string ReturnUrl { get; init; } | |||
| } | |||
| } | |||
+ 0
- 61
src/Services/Identity/Identity.API/Models/AccountViewModels/ConsentViewModel.cs
View File
| @ -1,61 +0,0 @@ | |||
| using IdentityServer4.Models; | |||
| namespace Microsoft.eShopOnContainers.Services.Identity.API.Models.AccountViewModels | |||
| { | |||
| public record ConsentViewModel : ConsentInputModel | |||
| { | |||
| public ConsentViewModel(ConsentInputModel model, string returnUrl, AuthorizationRequest request, Client client, Resources resources) | |||
| { | |||
| RememberConsent = model?.RememberConsent ?? true; | |||
| ScopesConsented = model?.ScopesConsented ?? Enumerable.Empty<string>(); | |||
| ReturnUrl = returnUrl; | |||
| ClientName = client.ClientName; | |||
| ClientUrl = client.ClientUri; | |||
| ClientLogoUrl = client.LogoUri; | |||
| AllowRememberConsent = client.AllowRememberConsent; | |||
| IdentityScopes = resources.IdentityResources.Select(x => new ScopeViewModel(x, ScopesConsented.Contains(x.Name) || model == null)).ToArray(); | |||
| ResourceScopes = resources.ApiResources.SelectMany(x => x.Scopes).Select(x => new ScopeViewModel(x, ScopesConsented.Contains(x.Name) || model == null)).ToArray(); | |||
| } | |||
| public string ClientName { get; init; } | |||
| public string ClientUrl { get; init; } | |||
| public string ClientLogoUrl { get; init; } | |||
| public bool AllowRememberConsent { get; init; } | |||
| public IEnumerable<ScopeViewModel> IdentityScopes { get; init; } | |||
| public IEnumerable<ScopeViewModel> ResourceScopes { get; init; } | |||
| } | |||
| public record ScopeViewModel | |||
| { | |||
| public ScopeViewModel(Scope scope, bool check) | |||
| { | |||
| Name = scope.Name; | |||
| DisplayName = scope.DisplayName; | |||
| Description = scope.Description; | |||
| Emphasize = scope.Emphasize; | |||
| Required = scope.Required; | |||
| Checked = check || scope.Required; | |||
| } | |||
| public ScopeViewModel(IdentityResource identity, bool check) | |||
| { | |||
| Name = identity.Name; | |||
| DisplayName = identity.DisplayName; | |||
| Description = identity.Description; | |||
| Emphasize = identity.Emphasize; | |||
| Required = identity.Required; | |||
| Checked = check || identity.Required; | |||
| } | |||
| public string Name { get; init; } | |||
| public string DisplayName { get; init; } | |||
| public string Description { get; init; } | |||
| public bool Emphasize { get; init; } | |||
| public bool Required { get; init; } | |||
| public bool Checked { get; init; } | |||
| } | |||
| } | |||
+ 7
- 0
src/Services/Identity/Identity.API/Models/AccountViewModels/RedirectViewModel.cs
View File
| @ -0,0 +1,7 @@ | |||
| namespace Microsoft.eShopOnContainers.Services.Identity.API.Models.AccountViewModels | |||
| { | |||
| public class RedirectViewModel | |||
| { | |||
| public string RedirectUrl { get; set; } | |||
| } | |||
| } | |||
+ 13
- 0
src/Services/Identity/Identity.API/Models/ConsentViewModels/ConsentInputModel.cs
View File
| @ -0,0 +1,13 @@ | |||
| using System.Collections.Generic; | |||
| namespace Microsoft.eShopOnContainers.Services.Identity.API.Models.ConsentViewModels | |||
| { | |||
| public class ConsentInputModel | |||
| { | |||
| public string Button { get; set; } | |||
| public IEnumerable<string> ScopesConsented { get; set; } | |||
| public bool RememberConsent { get; set; } | |||
| public string ReturnUrl { get; set; } | |||
| public string Description { get; set; } | |||
| } | |||
| } | |||
+ 12
- 0
src/Services/Identity/Identity.API/Models/ConsentViewModels/ConsentOptions.cs
View File
| @ -0,0 +1,12 @@ | |||
| namespace Microsoft.eShopOnContainers.Services.Identity.API.Models.ConsentViewModels | |||
| { | |||
| public class ConsentOptions | |||
| { | |||
| public static bool EnableOfflineAccess = true; | |||
| public static string OfflineAccessDisplayName = "Offline Access"; | |||
| public static string OfflineAccessDescription = "Access to your applications and resources, even when you are offline"; | |||
| public static readonly string MustChooseOneErrorMessage = "You must pick at least one permission"; | |||
| public static readonly string InvalidSelectionErrorMessage = "Invalid selection"; | |||
| } | |||
| } | |||
+ 15
- 0
src/Services/Identity/Identity.API/Models/ConsentViewModels/ConsentViewModel.cs
View File
| @ -0,0 +1,15 @@ | |||
| using System.Collections.Generic; | |||
| namespace Microsoft.eShopOnContainers.Services.Identity.API.Models.ConsentViewModels | |||
| { | |||
| public class ConsentViewModel : ConsentInputModel | |||
| { | |||
| public string ClientName { get; set; } | |||
| public string ClientUrl { get; set; } | |||
| public string ClientLogoUrl { get; set; } | |||
| public bool AllowRememberConsent { get; set; } | |||
| public IEnumerable<ScopeViewModel> IdentityScopes { get; set; } | |||
| public IEnumerable<ScopeViewModel> ApiScopes { get; set; } | |||
| } | |||
| } | |||
+ 17
- 0
src/Services/Identity/Identity.API/Models/ConsentViewModels/ProcessConsentResult.cs
View File
| @ -0,0 +1,17 @@ | |||
| using Duende.IdentityServer.Models; | |||
| namespace Microsoft.eShopOnContainers.Services.Identity.API.Models.ConsentViewModels | |||
| { | |||
| public class ProcessConsentResult | |||
| { | |||
| public bool IsRedirect => RedirectUri != null; | |||
| public string RedirectUri { get; set; } | |||
| public Client Client { get; set; } | |||
| public bool ShowView => ViewModel != null; | |||
| public ConsentViewModel ViewModel { get; set; } | |||
| public bool HasValidationError => ValidationError != null; | |||
| public string ValidationError { get; set; } | |||
| } | |||
| } | |||
+ 12
- 0
src/Services/Identity/Identity.API/Models/ConsentViewModels/ScopeViewModel.cs
View File
| @ -0,0 +1,12 @@ | |||
| namespace Microsoft.eShopOnContainers.Services.Identity.API.Models.ConsentViewModels | |||
| { | |||
| public class ScopeViewModel | |||
| { | |||
| public string Value { get; set; } | |||
| public string DisplayName { get; set; } | |||
| public string Description { get; set; } | |||
| public bool Emphasize { get; set; } | |||
| public bool Required { get; set; } | |||
| public bool Checked { get; set; } | |||
| } | |||
| } | |||
+ 58
- 54
src/Services/Identity/Identity.API/Program.cs
View File
+ 117
- 0
src/Services/Identity/Identity.API/ProgramExtensions.cs
View File
| @ -0,0 +1,117 @@ | |||
| using Serilog; | |||
| namespace Microsoft.eShopOnContainers.Services.Identity.API; | |||
| public static class ProgramExtensions | |||
| { | |||
| private const string AppName = "Identity API"; | |||
| public static void AddCustomConfiguration(this WebApplicationBuilder builder) | |||
| { | |||
| builder.Configuration.AddConfiguration(GetConfiguration()).Build(); | |||
| } | |||
| public static void AddCustomSerilog(this WebApplicationBuilder builder) | |||
| { | |||
| var seqServerUrl = builder.Configuration["SeqServerUrl"]; | |||
| var logstashUrl = builder.Configuration["LogstashgUrl"]; | |||
| Log.Logger = new LoggerConfiguration() | |||
| .MinimumLevel.Verbose() | |||
| .Enrich.WithProperty("ApplicationContext", AppName) | |||
| .Enrich.FromLogContext() | |||
| .WriteTo.Console() | |||
| .WriteTo.Seq(string.IsNullOrWhiteSpace(seqServerUrl) ? "http://seq" : seqServerUrl) | |||
| .WriteTo.Http(string.IsNullOrWhiteSpace(logstashUrl) ? "http://localhost:8080" : logstashUrl, null) | |||
| .ReadFrom.Configuration(builder.Configuration) | |||
| .CreateLogger(); | |||
| builder.Host.UseSerilog(); | |||
| } | |||
| public static void AddCustomMvc(this WebApplicationBuilder builder) | |||
| { | |||
| builder.Services.AddControllersWithViews(); | |||
| builder.Services.AddControllers(); | |||
| builder.Services.AddRazorPages(); | |||
| } | |||
| public static void AddCustomDatabase(this WebApplicationBuilder builder) => | |||
| builder.Services.AddDbContext<ApplicationDbContext>( | |||
| options => options.UseSqlServer(builder.Configuration["ConnectionString"])); | |||
| public static void AddCustomIdentity(this WebApplicationBuilder builder) | |||
| { | |||
| builder.Services.AddIdentity<ApplicationUser, IdentityRole>() | |||
| .AddEntityFrameworkStores<ApplicationDbContext>() | |||
| .AddDefaultTokenProviders(); | |||
| } | |||
| public static void AddCustomIdentityServer(this WebApplicationBuilder builder) | |||
| { | |||
| var identityServerBuilder = builder.Services.AddIdentityServer(options => | |||
| { | |||
| options.IssuerUri = "null"; | |||
| options.Authentication.CookieLifetime = TimeSpan.FromHours(2); | |||
| options.Events.RaiseErrorEvents = true; | |||
| options.Events.RaiseInformationEvents = true; | |||
| options.Events.RaiseFailureEvents = true; | |||
| options.Events.RaiseSuccessEvents = true; | |||
| }) | |||
| .AddInMemoryIdentityResources(Config.GetResources()) | |||
| .AddInMemoryApiScopes(Config.GetApiScopes()) | |||
| .AddInMemoryApiResources(Config.GetApis()) | |||
| .AddInMemoryClients(Config.GetClients(builder.Configuration)) | |||
| .AddAspNetIdentity<ApplicationUser>(); | |||
| // not recommended for production - you need to store your key material somewhere secure | |||
| identityServerBuilder.AddDeveloperSigningCredential(); | |||
| } | |||
| public static void AddCustomAuthentication(this WebApplicationBuilder builder) | |||
| { | |||
| builder.Services.AddAuthentication(); | |||
| } | |||
| public static void AddCustomHealthChecks(this WebApplicationBuilder builder) | |||
| { | |||
| builder.Services.AddHealthChecks() | |||
| .AddCheck("self", () => HealthCheckResult.Healthy()) | |||
| .AddSqlServer(builder.Configuration["ConnectionString"], | |||
| name: "IdentityDB-check", | |||
| tags: new string[] { "IdentityDB" }); | |||
| } | |||
| public static void AddCustomApplicationServices(this WebApplicationBuilder builder) | |||
| { | |||
| builder.Services.AddTransient<IProfileService, ProfileService>(); | |||
| builder.Services.AddTransient<ILoginService<ApplicationUser>, EFLoginService>(); | |||
| builder.Services.AddTransient<IRedirectService, RedirectService>(); | |||
| } | |||
| static IConfiguration GetConfiguration() | |||
| { | |||
| var builder = new ConfigurationBuilder() | |||
| .SetBasePath(Directory.GetCurrentDirectory()) | |||
| .AddJsonFile("appsettings.json", optional: false, reloadOnChange: true) | |||
| .AddEnvironmentVariables(); | |||
| var config = builder.Build(); | |||
| if (config.GetValue<bool>("UseVault", false)) | |||
| { | |||
| TokenCredential credential = new ClientSecretCredential( | |||
| config["Vault:TenantId"], | |||
| config["Vault:ClientId"], | |||
| config["Vault:ClientSecret"]); | |||
| builder.AddAzureKeyVault(new Uri($"https://{config["Vault:Name"]}.vault.azure.net/"), credential); | |||
| } | |||
| return builder.Build(); | |||
| } | |||
| } | |||
+ 341
- 0
src/Services/Identity/Identity.API/Quickstart/Account/AccountController.cs
View File
| @ -0,0 +1,341 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| using Duende.IdentityServer.Events; | |||
| using Duende.IdentityServer.Extensions; | |||
| using Duende.IdentityServer.Stores; | |||
| using Microsoft.AspNetCore.Authentication; | |||
| using Microsoft.AspNetCore.Authorization; | |||
| using Microsoft.AspNetCore.Mvc; | |||
| namespace IdentityServerHost.Quickstart.UI | |||
| { | |||
| [SecurityHeaders] | |||
| [AllowAnonymous] | |||
| public class AccountController : Controller | |||
| { | |||
| private readonly UserManager<ApplicationUser> _userManager; | |||
| private readonly SignInManager<ApplicationUser> _signInManager; | |||
| private readonly IIdentityServerInteractionService _interaction; | |||
| private readonly IClientStore _clientStore; | |||
| private readonly IAuthenticationSchemeProvider _schemeProvider; | |||
| private readonly IAuthenticationHandlerProvider _handlerProvider; | |||
| private readonly IEventService _events; | |||
| public AccountController( | |||
| UserManager<ApplicationUser> userManager, | |||
| SignInManager<ApplicationUser> signInManager, | |||
| IIdentityServerInteractionService interaction, | |||
| IClientStore clientStore, | |||
| IAuthenticationSchemeProvider schemeProvider, | |||
| IAuthenticationHandlerProvider handlerProvider, | |||
| IEventService events) | |||
| { | |||
| _userManager = userManager; | |||
| _signInManager = signInManager; | |||
| _interaction = interaction; | |||
| _clientStore = clientStore; | |||
| _schemeProvider = schemeProvider; | |||
| _handlerProvider = handlerProvider; | |||
| _events = events; | |||
| } | |||
| /// <summary> | |||
| /// Entry point into the login workflow | |||
| /// </summary> | |||
| [HttpGet] | |||
| public async Task<IActionResult> Login(string returnUrl) | |||
| { | |||
| // build a model so we know what to show on the login page | |||
| var vm = await BuildLoginViewModelAsync(returnUrl); | |||
| ViewData["ReturnUrl"] = returnUrl; | |||
| if (vm.IsExternalLoginOnly) | |||
| { | |||
| // we only have one option for logging in and it's an external provider | |||
| return RedirectToAction("Challenge", "External", new { scheme = vm.ExternalLoginScheme, returnUrl }); | |||
| } | |||
| return View(vm); | |||
| } | |||
| /// <summary> | |||
| /// Handle postback from username/password login | |||
| /// </summary> | |||
| [HttpPost] | |||
| [ValidateAntiForgeryToken] | |||
| public async Task<IActionResult> Login(LoginInputModel model, string button) | |||
| { | |||
| // check if we are in the context of an authorization request | |||
| var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); | |||
| // the user clicked the "cancel" button | |||
| if (button != "login") | |||
| { | |||
| if (context != null) | |||
| { | |||
| // if the user cancels, send a result back into IdentityServer as if they | |||
| // denied the consent (even if this client does not require consent). | |||
| // this will send back an access denied OIDC error response to the client. | |||
| await _interaction.DenyAuthorizationAsync(context, AuthorizationError.AccessDenied); | |||
| // we can trust model.ReturnUrl since GetAuthorizationContextAsync returned non-null | |||
| if (context.IsNativeClient()) | |||
| { | |||
| // The client is native, so this change in how to | |||
| // return the response is for better UX for the end user. | |||
| return this.LoadingPage("Redirect", model.ReturnUrl); | |||
| } | |||
| return Redirect(model.ReturnUrl); | |||
| } | |||
| else | |||
| { | |||
| // since we don't have a valid context, then we just go back to the home page | |||
| return Redirect("~/"); | |||
| } | |||
| } | |||
| if (ModelState.IsValid) | |||
| { | |||
| var result = await _signInManager.PasswordSignInAsync(model.Username, model.Password, model.RememberLogin, lockoutOnFailure: true); | |||
| if (result.Succeeded) | |||
| { | |||
| var user = await _userManager.FindByNameAsync(model.Username); | |||
| await _events.RaiseAsync(new UserLoginSuccessEvent(user.UserName, user.Id, user.UserName, clientId: context?.Client.ClientId)); | |||
| if (context != null) | |||
| { | |||
| if (context.IsNativeClient()) | |||
| { | |||
| // The client is native, so this change in how to | |||
| // return the response is for better UX for the end user. | |||
| return this.LoadingPage("Redirect", model.ReturnUrl); | |||
| } | |||
| // we can trust model.ReturnUrl since GetAuthorizationContextAsync returned non-null | |||
| return Redirect(model.ReturnUrl); | |||
| } | |||
| // request for a local page | |||
| if (Url.IsLocalUrl(model.ReturnUrl)) | |||
| { | |||
| return Redirect(model.ReturnUrl); | |||
| } | |||
| else if (string.IsNullOrEmpty(model.ReturnUrl)) | |||
| { | |||
| return Redirect("~/"); | |||
| } | |||
| else | |||
| { | |||
| // user might have clicked on a malicious link - should be logged | |||
| throw new Exception("invalid return URL"); | |||
| } | |||
| } | |||
| await _events.RaiseAsync(new UserLoginFailureEvent(model.Username, "invalid credentials", clientId:context?.Client.ClientId)); | |||
| ModelState.AddModelError(string.Empty, AccountOptions.InvalidCredentialsErrorMessage); | |||
| } | |||
| // something went wrong, show form with error | |||
| var vm = await BuildLoginViewModelAsync(model); | |||
| ViewData["ReturnUrl"] = model.ReturnUrl; | |||
| return View(vm); | |||
| } | |||
| /// <summary> | |||
| /// Show logout page | |||
| /// </summary> | |||
| [HttpGet] | |||
| public async Task<IActionResult> Logout(string logoutId) | |||
| { | |||
| // build a model so the logout page knows what to display | |||
| var vm = await BuildLogoutViewModelAsync(logoutId); | |||
| if (vm.ShowLogoutPrompt == false) | |||
| { | |||
| // if the request for logout was properly authenticated from IdentityServer, then | |||
| // we don't need to show the prompt and can just log the user out directly. | |||
| return await Logout(vm); | |||
| } | |||
| return View(vm); | |||
| } | |||
| /// <summary> | |||
| /// Handle logout page postback | |||
| /// </summary> | |||
| [HttpPost] | |||
| [ValidateAntiForgeryToken] | |||
| public async Task<IActionResult> Logout(LogoutInputModel model) | |||
| { | |||
| // build a model so the logged out page knows what to display | |||
| var vm = await BuildLoggedOutViewModelAsync(model.LogoutId); | |||
| if (User?.Identity.IsAuthenticated == true) | |||
| { | |||
| // delete local authentication cookie | |||
| await _signInManager.SignOutAsync(); | |||
| // raise the logout event | |||
| await _events.RaiseAsync(new UserLogoutSuccessEvent(User.GetSubjectId(), User.GetDisplayName())); | |||
| } | |||
| // check if we need to trigger sign-out at an upstream identity provider | |||
| if (vm.TriggerExternalSignout) | |||
| { | |||
| // build a return URL so the upstream provider will redirect back | |||
| // to us after the user has logged out. this allows us to then | |||
| // complete our single sign-out processing. | |||
| string url = Url.Action("Logout", new { logoutId = vm.LogoutId }); | |||
| // this triggers a redirect to the external provider for sign-out | |||
| return SignOut(new AuthenticationProperties { RedirectUri = url }, vm.ExternalAuthenticationScheme); | |||
| } | |||
| return View("LoggedOut", vm); | |||
| } | |||
| [HttpGet] | |||
| public IActionResult AccessDenied() | |||
| { | |||
| return View(); | |||
| } | |||
| /*****************************************/ | |||
| /* helper APIs for the AccountController */ | |||
| /*****************************************/ | |||
| private async Task<LoginViewModel> BuildLoginViewModelAsync(string returnUrl) | |||
| { | |||
| var context = await _interaction.GetAuthorizationContextAsync(returnUrl); | |||
| if (context?.IdP != null && await _schemeProvider.GetSchemeAsync(context.IdP) != null) | |||
| { | |||
| var local = context.IdP == IdentityServerConstants.LocalIdentityProvider; | |||
| // this is meant to short circuit the UI and only trigger the one external IdP | |||
| var vm = new LoginViewModel | |||
| { | |||
| EnableLocalLogin = local, | |||
| ReturnUrl = returnUrl, | |||
| Username = context?.LoginHint, | |||
| }; | |||
| if (!local) | |||
| { | |||
| vm.ExternalProviders = new[] { new ExternalProvider { AuthenticationScheme = context.IdP } }; | |||
| } | |||
| return vm; | |||
| } | |||
| var schemes = await _schemeProvider.GetAllSchemesAsync(); | |||
| var providers = schemes | |||
| .Where(x => x.DisplayName != null) | |||
| .Select(x => new ExternalProvider | |||
| { | |||
| DisplayName = x.DisplayName ?? x.Name, | |||
| AuthenticationScheme = x.Name | |||
| }).ToList(); | |||
| var allowLocal = true; | |||
| if (context?.Client.ClientId != null) | |||
| { | |||
| var client = await _clientStore.FindEnabledClientByIdAsync(context.Client.ClientId); | |||
| if (client != null) | |||
| { | |||
| allowLocal = client.EnableLocalLogin; | |||
| if (client.IdentityProviderRestrictions != null && client.IdentityProviderRestrictions.Any()) | |||
| { | |||
| providers = providers.Where(provider => client.IdentityProviderRestrictions.Contains(provider.AuthenticationScheme)).ToList(); | |||
| } | |||
| } | |||
| } | |||
| return new LoginViewModel | |||
| { | |||
| AllowRememberLogin = AccountOptions.AllowRememberLogin, | |||
| EnableLocalLogin = allowLocal && AccountOptions.AllowLocalLogin, | |||
| ReturnUrl = returnUrl, | |||
| Username = context?.LoginHint, | |||
| ExternalProviders = providers.ToArray() | |||
| }; | |||
| } | |||
| private async Task<LoginViewModel> BuildLoginViewModelAsync(LoginInputModel model) | |||
| { | |||
| var vm = await BuildLoginViewModelAsync(model.ReturnUrl); | |||
| vm.Username = model.Username; | |||
| vm.RememberLogin = model.RememberLogin; | |||
| return vm; | |||
| } | |||
| private async Task<LogoutViewModel> BuildLogoutViewModelAsync(string logoutId) | |||
| { | |||
| var vm = new LogoutViewModel { LogoutId = logoutId, ShowLogoutPrompt = AccountOptions.ShowLogoutPrompt }; | |||
| if (User?.Identity.IsAuthenticated != true) | |||
| { | |||
| // if the user is not authenticated, then just show logged out page | |||
| vm.ShowLogoutPrompt = false; | |||
| return vm; | |||
| } | |||
| var context = await _interaction.GetLogoutContextAsync(logoutId); | |||
| if (context?.ShowSignoutPrompt == false) | |||
| { | |||
| // it's safe to automatically sign-out | |||
| vm.ShowLogoutPrompt = false; | |||
| return vm; | |||
| } | |||
| // show the logout prompt. this prevents attacks where the user | |||
| // is automatically signed out by another malicious web page. | |||
| return vm; | |||
| } | |||
| private async Task<LoggedOutViewModel> BuildLoggedOutViewModelAsync(string logoutId) | |||
| { | |||
| // get context information (client name, post logout redirect URI and iframe for federated signout) | |||
| var logout = await _interaction.GetLogoutContextAsync(logoutId); | |||
| var vm = new LoggedOutViewModel | |||
| { | |||
| AutomaticRedirectAfterSignOut = AccountOptions.AutomaticRedirectAfterSignOut, | |||
| PostLogoutRedirectUri = logout?.PostLogoutRedirectUri, | |||
| ClientName = string.IsNullOrEmpty(logout?.ClientName) ? logout?.ClientId : logout?.ClientName, | |||
| SignOutIframeUrl = logout?.SignOutIFrameUrl, | |||
| LogoutId = logoutId | |||
| }; | |||
| if (User?.Identity.IsAuthenticated == true) | |||
| { | |||
| var idp = User.FindFirst(JwtClaimTypes.IdentityProvider)?.Value; | |||
| if (idp != null && idp != IdentityServerConstants.LocalIdentityProvider) | |||
| { | |||
| var handler = await _handlerProvider.GetHandlerAsync(HttpContext, idp); | |||
| if (handler is IAuthenticationSignOutHandler) | |||
| { | |||
| if (vm.LogoutId == null) | |||
| { | |||
| // if there's no current logout context, we need to create one | |||
| // this captures necessary info from the current logged in user | |||
| // before we signout and redirect away to the external IdP for signout | |||
| vm.LogoutId = await _interaction.CreateLogoutContextAsync(); | |||
| } | |||
| vm.ExternalAuthenticationScheme = idp; | |||
| } | |||
| } | |||
| } | |||
| return vm; | |||
| } | |||
| } | |||
| } | |||
+ 16
- 0
src/Services/Identity/Identity.API/Quickstart/Account/AccountOptions.cs
View File
| @ -0,0 +1,16 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| public class AccountOptions | |||
| { | |||
| public static bool AllowLocalLogin = true; | |||
| public static bool AllowRememberLogin = true; | |||
| public static TimeSpan RememberMeLoginDuration = TimeSpan.FromDays(30); | |||
| public static bool ShowLogoutPrompt = false; | |||
| public static bool AutomaticRedirectAfterSignOut = true; | |||
| public static string InvalidCredentialsErrorMessage = "Invalid username or password"; | |||
| } | |||
+ 238
- 0
src/Services/Identity/Identity.API/Quickstart/Account/ExternalController.cs
View File
| @ -0,0 +1,238 @@ | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| [SecurityHeaders] | |||
| [AllowAnonymous] | |||
| public class ExternalController : Controller | |||
| { | |||
| private readonly UserManager<ApplicationUser> _userManager; | |||
| private readonly SignInManager<ApplicationUser> _signInManager; | |||
| private readonly IIdentityServerInteractionService _interaction; | |||
| private readonly IClientStore _clientStore; | |||
| private readonly IEventService _events; | |||
| private readonly ILogger<ExternalController> _logger; | |||
| public ExternalController( | |||
| UserManager<ApplicationUser> userManager, | |||
| SignInManager<ApplicationUser> signInManager, | |||
| IIdentityServerInteractionService interaction, | |||
| IClientStore clientStore, | |||
| IEventService events, | |||
| ILogger<ExternalController> logger) | |||
| { | |||
| _userManager = userManager; | |||
| _signInManager = signInManager; | |||
| _interaction = interaction; | |||
| _clientStore = clientStore; | |||
| _events = events; | |||
| _logger = logger; | |||
| } | |||
| /// <summary> | |||
| /// initiate roundtrip to external authentication provider | |||
| /// </summary> | |||
| [HttpGet] | |||
| public IActionResult Challenge(string scheme, string returnUrl) | |||
| { | |||
| if (string.IsNullOrEmpty(returnUrl)) returnUrl = "~/"; | |||
| // validate returnUrl - either it is a valid OIDC URL or back to a local page | |||
| if (Url.IsLocalUrl(returnUrl) == false && _interaction.IsValidReturnUrl(returnUrl) == false) | |||
| { | |||
| // user might have clicked on a malicious link - should be logged | |||
| throw new Exception("invalid return URL"); | |||
| } | |||
| // start challenge and roundtrip the return URL and scheme | |||
| var props = new AuthenticationProperties | |||
| { | |||
| RedirectUri = Url.Action(nameof(Callback)), | |||
| Items = | |||
| { | |||
| { "returnUrl", returnUrl }, | |||
| { "scheme", scheme }, | |||
| } | |||
| }; | |||
| return Challenge(props, scheme); | |||
| } | |||
| /// <summary> | |||
| /// Post processing of external authentication | |||
| /// </summary> | |||
| [HttpGet] | |||
| public async Task<IActionResult> Callback() | |||
| { | |||
| // read external identity from the temporary cookie | |||
| var result = await HttpContext.AuthenticateAsync(IdentityServerConstants.ExternalCookieAuthenticationScheme); | |||
| if (result?.Succeeded != true) | |||
| { | |||
| throw new Exception("External authentication error"); | |||
| } | |||
| if (_logger.IsEnabled(LogLevel.Debug)) | |||
| { | |||
| var externalClaims = result.Principal.Claims.Select(c => $"{c.Type}: {c.Value}"); | |||
| _logger.LogDebug("External claims: {@claims}", externalClaims); | |||
| } | |||
| // lookup our user and external provider info | |||
| var (user, provider, providerUserId, claims) = await FindUserFromExternalProviderAsync(result); | |||
| if (user == null) | |||
| { | |||
| // this might be where you might initiate a custom workflow for user registration | |||
| // in this sample we don't show how that would be done, as our sample implementation | |||
| // simply auto-provisions new external user | |||
| user = await AutoProvisionUserAsync(provider, providerUserId, claims); | |||
| } | |||
| // this allows us to collect any additional claims or properties | |||
| // for the specific protocols used and store them in the local auth cookie. | |||
| // this is typically used to store data needed for signout from those protocols. | |||
| var additionalLocalClaims = new List<Claim>(); | |||
| var localSignInProps = new AuthenticationProperties(); | |||
| ProcessLoginCallback(result, additionalLocalClaims, localSignInProps); | |||
| // issue authentication cookie for user | |||
| // we must issue the cookie maually, and can't use the SignInManager because | |||
| // it doesn't expose an API to issue additional claims from the login workflow | |||
| var principal = await _signInManager.CreateUserPrincipalAsync(user); | |||
| additionalLocalClaims.AddRange(principal.Claims); | |||
| var name = principal.FindFirst(JwtClaimTypes.Name)?.Value ?? user.Id; | |||
| var isuser = new IdentityServerUser(user.Id) | |||
| { | |||
| DisplayName = name, | |||
| IdentityProvider = provider, | |||
| AdditionalClaims = additionalLocalClaims | |||
| }; | |||
| await HttpContext.SignInAsync(isuser, localSignInProps); | |||
| // delete temporary cookie used during external authentication | |||
| await HttpContext.SignOutAsync(IdentityServerConstants.ExternalCookieAuthenticationScheme); | |||
| // retrieve return URL | |||
| var returnUrl = result.Properties.Items["returnUrl"] ?? "~/"; | |||
| // check if external login is in the context of an OIDC request | |||
| var context = await _interaction.GetAuthorizationContextAsync(returnUrl); | |||
| await _events.RaiseAsync(new UserLoginSuccessEvent(provider, providerUserId, user.Id, name, true, context?.Client.ClientId)); | |||
| if (context != null) | |||
| { | |||
| if (context.IsNativeClient()) | |||
| { | |||
| // The client is native, so this change in how to | |||
| // return the response is for better UX for the end user. | |||
| return this.LoadingPage("Redirect", returnUrl); | |||
| } | |||
| } | |||
| return Redirect(returnUrl); | |||
| } | |||
| private async Task<(ApplicationUser user, string provider, string providerUserId, IEnumerable<Claim> claims)> | |||
| FindUserFromExternalProviderAsync(AuthenticateResult result) | |||
| { | |||
| var externalUser = result.Principal; | |||
| // try to determine the unique id of the external user (issued by the provider) | |||
| // the most common claim type for that are the sub claim and the NameIdentifier | |||
| // depending on the external provider, some other claim type might be used | |||
| var userIdClaim = externalUser.FindFirst(JwtClaimTypes.Subject) ?? | |||
| externalUser.FindFirst(ClaimTypes.NameIdentifier) ?? | |||
| throw new Exception("Unknown userid"); | |||
| // remove the user id claim so we don't include it as an extra claim if/when we provision the user | |||
| var claims = externalUser.Claims.ToList(); | |||
| claims.Remove(userIdClaim); | |||
| var provider = result.Properties.Items["scheme"]; | |||
| var providerUserId = userIdClaim.Value; | |||
| // find external user | |||
| var user = await _userManager.FindByLoginAsync(provider, providerUserId); | |||
| return (user, provider, providerUserId, claims); | |||
| } | |||
| private async Task<ApplicationUser> AutoProvisionUserAsync(string provider, string providerUserId, IEnumerable<Claim> claims) | |||
| { | |||
| // create a list of claims that we want to transfer into our store | |||
| var filtered = new List<Claim>(); | |||
| // user's display name | |||
| var name = claims.FirstOrDefault(x => x.Type == JwtClaimTypes.Name)?.Value ?? | |||
| claims.FirstOrDefault(x => x.Type == ClaimTypes.Name)?.Value; | |||
| if (name != null) | |||
| { | |||
| filtered.Add(new Claim(JwtClaimTypes.Name, name)); | |||
| } | |||
| else | |||
| { | |||
| var first = claims.FirstOrDefault(x => x.Type == JwtClaimTypes.GivenName)?.Value ?? | |||
| claims.FirstOrDefault(x => x.Type == ClaimTypes.GivenName)?.Value; | |||
| var last = claims.FirstOrDefault(x => x.Type == JwtClaimTypes.FamilyName)?.Value ?? | |||
| claims.FirstOrDefault(x => x.Type == ClaimTypes.Surname)?.Value; | |||
| if (first != null && last != null) | |||
| { | |||
| filtered.Add(new Claim(JwtClaimTypes.Name, first + " " + last)); | |||
| } | |||
| else if (first != null) | |||
| { | |||
| filtered.Add(new Claim(JwtClaimTypes.Name, first)); | |||
| } | |||
| else if (last != null) | |||
| { | |||
| filtered.Add(new Claim(JwtClaimTypes.Name, last)); | |||
| } | |||
| } | |||
| var email = claims.FirstOrDefault(x => x.Type == JwtClaimTypes.Email)?.Value ?? | |||
| claims.FirstOrDefault(x => x.Type == ClaimTypes.Email)?.Value; | |||
| if (email != null) | |||
| { | |||
| filtered.Add(new Claim(JwtClaimTypes.Email, email)); | |||
| } | |||
| var user = new ApplicationUser | |||
| { | |||
| UserName = Guid.NewGuid().ToString(), | |||
| }; | |||
| var identityResult = await _userManager.CreateAsync(user); | |||
| if (!identityResult.Succeeded) throw new Exception(identityResult.Errors.First().Description); | |||
| if (filtered.Any()) | |||
| { | |||
| identityResult = await _userManager.AddClaimsAsync(user, filtered); | |||
| if (!identityResult.Succeeded) throw new Exception(identityResult.Errors.First().Description); | |||
| } | |||
| identityResult = await _userManager.AddLoginAsync(user, new UserLoginInfo(provider, providerUserId, provider)); | |||
| if (!identityResult.Succeeded) throw new Exception(identityResult.Errors.First().Description); | |||
| return user; | |||
| } | |||
| // if the external login is OIDC-based, there are certain things we need to preserve to make logout work | |||
| // this will be different for WS-Fed, SAML2p or other protocols | |||
| private void ProcessLoginCallback(AuthenticateResult externalResult, List<Claim> localClaims, AuthenticationProperties localSignInProps) | |||
| { | |||
| // if the external system sent a session id claim, copy it over | |||
| // so we can use it for single sign-out | |||
| var sid = externalResult.Principal.Claims.FirstOrDefault(x => x.Type == JwtClaimTypes.SessionId); | |||
| if (sid != null) | |||
| { | |||
| localClaims.Add(new Claim(JwtClaimTypes.SessionId, sid.Value)); | |||
| } | |||
| // if the external provider issued an id_token, we'll keep it for signout | |||
| var idToken = externalResult.Properties.GetTokenValue("id_token"); | |||
| if (idToken != null) | |||
| { | |||
| localSignInProps.StoreTokens(new[] { new AuthenticationToken { Name = "id_token", Value = idToken } }); | |||
| } | |||
| } | |||
| } | |||
+ 10
- 0
src/Services/Identity/Identity.API/Quickstart/Account/ExternalProvider.cs
View File
| @ -0,0 +1,10 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| public class ExternalProvider | |||
| { | |||
| public string DisplayName { get; set; } | |||
| public string AuthenticationScheme { get; set; } | |||
| } | |||
+ 18
- 0
src/Services/Identity/Identity.API/Quickstart/Account/LoggedOutViewModel.cs
View File
| @ -0,0 +1,18 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| public class LoggedOutViewModel | |||
| { | |||
| public string PostLogoutRedirectUri { get; set; } | |||
| public string ClientName { get; set; } | |||
| public string SignOutIframeUrl { get; set; } | |||
| public bool AutomaticRedirectAfterSignOut { get; set; } | |||
| public string LogoutId { get; set; } | |||
| public bool TriggerExternalSignout => ExternalAuthenticationScheme != null; | |||
| public string ExternalAuthenticationScheme { get; set; } | |||
| } | |||
+ 15
- 0
src/Services/Identity/Identity.API/Quickstart/Account/LoginInputModel.cs
View File
| @ -0,0 +1,15 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| public class LoginInputModel | |||
| { | |||
| [Required] | |||
| public string Username { get; set; } | |||
| [Required] | |||
| public string Password { get; set; } | |||
| public bool RememberLogin { get; set; } | |||
| public string ReturnUrl { get; set; } | |||
| } | |||
+ 17
- 0
src/Services/Identity/Identity.API/Quickstart/Account/LoginViewModel.cs
View File
| @ -0,0 +1,17 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| public class LoginViewModel : LoginInputModel | |||
| { | |||
| public bool AllowRememberLogin { get; set; } = true; | |||
| public bool EnableLocalLogin { get; set; } = true; | |||
| public IEnumerable<ExternalProvider> ExternalProviders { get; set; } = Enumerable.Empty<ExternalProvider>(); | |||
| public IEnumerable<ExternalProvider> VisibleExternalProviders => ExternalProviders.Where(x => !String.IsNullOrWhiteSpace(x.DisplayName)); | |||
| public bool IsExternalLoginOnly => EnableLocalLogin == false && ExternalProviders?.Count() == 1; | |||
| public string ExternalLoginScheme => IsExternalLoginOnly ? ExternalProviders?.SingleOrDefault()?.AuthenticationScheme : null; | |||
| } | |||
+ 10
- 0
src/Services/Identity/Identity.API/Quickstart/Account/LogoutInputModel.cs
View File
| @ -0,0 +1,10 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| public class LogoutInputModel | |||
| { | |||
| public string LogoutId { get; set; } | |||
| } | |||
+ 10
- 0
src/Services/Identity/Identity.API/Quickstart/Account/LogoutViewModel.cs
View File
| @ -0,0 +1,10 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| public class LogoutViewModel : LogoutInputModel | |||
| { | |||
| public bool ShowLogoutPrompt { get; set; } = true; | |||
| } | |||
+ 11
- 0
src/Services/Identity/Identity.API/Quickstart/Account/RedirectViewModel.cs
View File
| @ -0,0 +1,11 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| public class RedirectViewModel | |||
| { | |||
| public string RedirectUrl { get; set; } | |||
| } | |||
+ 247
- 0
src/Services/Identity/Identity.API/Quickstart/Consent/ConsentController.cs
View File
| @ -0,0 +1,247 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| /// <summary> | |||
| /// This controller processes the consent UI | |||
| /// </summary> | |||
| [SecurityHeaders] | |||
| [Authorize] | |||
| public class ConsentController : Controller | |||
| { | |||
| private readonly IIdentityServerInteractionService _interaction; | |||
| private readonly IEventService _events; | |||
| private readonly ILogger<ConsentController> _logger; | |||
| public ConsentController( | |||
| IIdentityServerInteractionService interaction, | |||
| IEventService events, | |||
| ILogger<ConsentController> logger) | |||
| { | |||
| _interaction = interaction; | |||
| _events = events; | |||
| _logger = logger; | |||
| } | |||
| /// <summary> | |||
| /// Shows the consent screen | |||
| /// </summary> | |||
| /// <param name="returnUrl"></param> | |||
| /// <returns></returns> | |||
| [HttpGet] | |||
| public async Task<IActionResult> Index(string returnUrl) | |||
| { | |||
| var vm = await BuildViewModelAsync(returnUrl); | |||
| if (vm != null) | |||
| { | |||
| return View("Index", vm); | |||
| } | |||
| return View("Error"); | |||
| } | |||
| /// <summary> | |||
| /// Handles the consent screen postback | |||
| /// </summary> | |||
| [HttpPost] | |||
| [ValidateAntiForgeryToken] | |||
| public async Task<IActionResult> Index(ConsentInputModel model) | |||
| { | |||
| var result = await ProcessConsent(model); | |||
| if (result.IsRedirect) | |||
| { | |||
| var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); | |||
| if (context?.IsNativeClient() == true) | |||
| { | |||
| // The client is native, so this change in how to | |||
| // return the response is for better UX for the end user. | |||
| return this.LoadingPage("Redirect", result.RedirectUri); | |||
| } | |||
| return Redirect(result.RedirectUri); | |||
| } | |||
| if (result.HasValidationError) | |||
| { | |||
| ModelState.AddModelError(string.Empty, result.ValidationError); | |||
| } | |||
| if (result.ShowView) | |||
| { | |||
| return View("Index", result.ViewModel); | |||
| } | |||
| return View("Error"); | |||
| } | |||
| /*****************************************/ | |||
| /* helper APIs for the ConsentController */ | |||
| /*****************************************/ | |||
| private async Task<ProcessConsentResult> ProcessConsent(ConsentInputModel model) | |||
| { | |||
| var result = new ProcessConsentResult(); | |||
| // validate return url is still valid | |||
| var request = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); | |||
| if (request == null) return result; | |||
| ConsentResponse grantedConsent = null; | |||
| // user clicked 'no' - send back the standard 'access_denied' response | |||
| if (model?.Button == "no") | |||
| { | |||
| grantedConsent = new ConsentResponse { Error = AuthorizationError.AccessDenied }; | |||
| // emit event | |||
| await _events.RaiseAsync(new ConsentDeniedEvent(User.GetSubjectId(), request.Client.ClientId, request.ValidatedResources.RawScopeValues)); | |||
| } | |||
| // user clicked 'yes' - validate the data | |||
| else if (model?.Button == "yes") | |||
| { | |||
| // if the user consented to some scope, build the response model | |||
| if (model.ScopesConsented != null && model.ScopesConsented.Any()) | |||
| { | |||
| var scopes = model.ScopesConsented; | |||
| if (ConsentOptions.EnableOfflineAccess == false) | |||
| { | |||
| scopes = scopes.Where(x => x != IdentityServerConstants.StandardScopes.OfflineAccess); | |||
| } | |||
| grantedConsent = new ConsentResponse | |||
| { | |||
| RememberConsent = model.RememberConsent, | |||
| ScopesValuesConsented = scopes.ToArray(), | |||
| Description = model.Description | |||
| }; | |||
| // emit event | |||
| await _events.RaiseAsync(new ConsentGrantedEvent(User.GetSubjectId(), request.Client.ClientId, request.ValidatedResources.RawScopeValues, grantedConsent.ScopesValuesConsented, grantedConsent.RememberConsent)); | |||
| } | |||
| else | |||
| { | |||
| result.ValidationError = ConsentOptions.MustChooseOneErrorMessage; | |||
| } | |||
| } | |||
| else | |||
| { | |||
| result.ValidationError = ConsentOptions.InvalidSelectionErrorMessage; | |||
| } | |||
| if (grantedConsent != null) | |||
| { | |||
| // communicate outcome of consent back to identityserver | |||
| await _interaction.GrantConsentAsync(request, grantedConsent); | |||
| // indicate that's it ok to redirect back to authorization endpoint | |||
| result.RedirectUri = model.ReturnUrl; | |||
| result.Client = request.Client; | |||
| } | |||
| else | |||
| { | |||
| // we need to redisplay the consent UI | |||
| result.ViewModel = await BuildViewModelAsync(model.ReturnUrl, model); | |||
| } | |||
| return result; | |||
| } | |||
| private async Task<ConsentViewModel> BuildViewModelAsync(string returnUrl, ConsentInputModel model = null) | |||
| { | |||
| var request = await _interaction.GetAuthorizationContextAsync(returnUrl); | |||
| if (request != null) | |||
| { | |||
| return CreateConsentViewModel(model, returnUrl, request); | |||
| } | |||
| else | |||
| { | |||
| _logger.LogError("No consent request matching request: {0}", returnUrl); | |||
| } | |||
| return null; | |||
| } | |||
| private ConsentViewModel CreateConsentViewModel( | |||
| ConsentInputModel model, string returnUrl, | |||
| AuthorizationRequest request) | |||
| { | |||
| var vm = new ConsentViewModel | |||
| { | |||
| RememberConsent = model?.RememberConsent ?? true, | |||
| ScopesConsented = model?.ScopesConsented ?? Enumerable.Empty<string>(), | |||
| Description = model?.Description, | |||
| ReturnUrl = returnUrl, | |||
| ClientName = request.Client.ClientName ?? request.Client.ClientId, | |||
| ClientUrl = request.Client.ClientUri, | |||
| ClientLogoUrl = request.Client.LogoUri, | |||
| AllowRememberConsent = request.Client.AllowRememberConsent | |||
| }; | |||
| vm.IdentityScopes = request.ValidatedResources.Resources.IdentityResources.Select(x => CreateScopeViewModel(x, vm.ScopesConsented.Contains(x.Name) || model == null)).ToArray(); | |||
| var apiScopes = new List<ScopeViewModel>(); | |||
| foreach (var parsedScope in request.ValidatedResources.ParsedScopes) | |||
| { | |||
| var apiScope = request.ValidatedResources.Resources.FindApiScope(parsedScope.ParsedName); | |||
| if (apiScope != null) | |||
| { | |||
| var scopeVm = CreateScopeViewModel(parsedScope, apiScope, vm.ScopesConsented.Contains(parsedScope.RawValue) || model == null); | |||
| apiScopes.Add(scopeVm); | |||
| } | |||
| } | |||
| if (ConsentOptions.EnableOfflineAccess && request.ValidatedResources.Resources.OfflineAccess) | |||
| { | |||
| apiScopes.Add(GetOfflineAccessScope(vm.ScopesConsented.Contains(IdentityServerConstants.StandardScopes.OfflineAccess) || model == null)); | |||
| } | |||
| vm.ApiScopes = apiScopes; | |||
| return vm; | |||
| } | |||
| private ScopeViewModel CreateScopeViewModel(IdentityResource identity, bool check) | |||
| { | |||
| return new ScopeViewModel | |||
| { | |||
| Value = identity.Name, | |||
| DisplayName = identity.DisplayName ?? identity.Name, | |||
| Description = identity.Description, | |||
| Emphasize = identity.Emphasize, | |||
| Required = identity.Required, | |||
| Checked = check || identity.Required | |||
| }; | |||
| } | |||
| public ScopeViewModel CreateScopeViewModel(ParsedScopeValue parsedScopeValue, ApiScope apiScope, bool check) | |||
| { | |||
| var displayName = apiScope.DisplayName ?? apiScope.Name; | |||
| if (!String.IsNullOrWhiteSpace(parsedScopeValue.ParsedParameter)) | |||
| { | |||
| displayName += ":" + parsedScopeValue.ParsedParameter; | |||
| } | |||
| return new ScopeViewModel | |||
| { | |||
| Value = parsedScopeValue.RawValue, | |||
| DisplayName = displayName, | |||
| Description = apiScope.Description, | |||
| Emphasize = apiScope.Emphasize, | |||
| Required = apiScope.Required, | |||
| Checked = check || apiScope.Required | |||
| }; | |||
| } | |||
| private ScopeViewModel GetOfflineAccessScope(bool check) | |||
| { | |||
| return new ScopeViewModel | |||
| { | |||
| Value = IdentityServerConstants.StandardScopes.OfflineAccess, | |||
| DisplayName = ConsentOptions.OfflineAccessDisplayName, | |||
| Description = ConsentOptions.OfflineAccessDescription, | |||
| Emphasize = true, | |||
| Checked = check | |||
| }; | |||
| } | |||
| } | |||
+ 14
- 0
src/Services/Identity/Identity.API/Quickstart/Consent/ConsentInputModel.cs
View File
| @ -0,0 +1,14 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| public class ConsentInputModel | |||
| { | |||
| public string Button { get; set; } | |||
| public IEnumerable<string> ScopesConsented { get; set; } | |||
| public bool RememberConsent { get; set; } | |||
| public string ReturnUrl { get; set; } | |||
| public string Description { get; set; } | |||
| } | |||
+ 15
- 0
src/Services/Identity/Identity.API/Quickstart/Consent/ConsentOptions.cs
View File
| @ -0,0 +1,15 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| public class ConsentOptions | |||
| { | |||
| public static bool EnableOfflineAccess = true; | |||
| public static string OfflineAccessDisplayName = "Offline Access"; | |||
| public static string OfflineAccessDescription = "Access to your applications and resources, even when you are offline"; | |||
| public static readonly string MustChooseOneErrorMessage = "You must pick at least one permission"; | |||
| public static readonly string InvalidSelectionErrorMessage = "Invalid selection"; | |||
| } | |||
+ 16
- 0
src/Services/Identity/Identity.API/Quickstart/Consent/ConsentViewModel.cs
View File
| @ -0,0 +1,16 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| public class ConsentViewModel : ConsentInputModel | |||
| { | |||
| public string ClientName { get; set; } | |||
| public string ClientUrl { get; set; } | |||
| public string ClientLogoUrl { get; set; } | |||
| public bool AllowRememberConsent { get; set; } | |||
| public IEnumerable<ScopeViewModel> IdentityScopes { get; set; } | |||
| public IEnumerable<ScopeViewModel> ApiScopes { get; set; } | |||
| } | |||
+ 17
- 0
src/Services/Identity/Identity.API/Quickstart/Consent/ProcessConsentResult.cs
View File
| @ -0,0 +1,17 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| public class ProcessConsentResult | |||
| { | |||
| public bool IsRedirect => RedirectUri != null; | |||
| public string RedirectUri { get; set; } | |||
| public Client Client { get; set; } | |||
| public bool ShowView => ViewModel != null; | |||
| public ConsentViewModel ViewModel { get; set; } | |||
| public bool HasValidationError => ValidationError != null; | |||
| public string ValidationError { get; set; } | |||
| } | |||
+ 15
- 0
src/Services/Identity/Identity.API/Quickstart/Consent/ScopeViewModel.cs
View File
| @ -0,0 +1,15 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| public class ScopeViewModel | |||
| { | |||
| public string Value { get; set; } | |||
| public string DisplayName { get; set; } | |||
| public string Description { get; set; } | |||
| public bool Emphasize { get; set; } | |||
| public bool Required { get; set; } | |||
| public bool Checked { get; set; } | |||
| } | |||
+ 10
- 0
src/Services/Identity/Identity.API/Quickstart/Device/DeviceAuthorizationInputModel.cs
View File
| @ -0,0 +1,10 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| public class DeviceAuthorizationInputModel : ConsentInputModel | |||
| { | |||
| public string UserCode { get; set; } | |||
| } | |||
+ 11
- 0
src/Services/Identity/Identity.API/Quickstart/Device/DeviceAuthorizationViewModel.cs
View File
| @ -0,0 +1,11 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| public class DeviceAuthorizationViewModel : ConsentViewModel | |||
| { | |||
| public string UserCode { get; set; } | |||
| public bool ConfirmUserCode { get; set; } | |||
| } | |||
+ 214
- 0
src/Services/Identity/Identity.API/Quickstart/Device/DeviceController.cs
View File
| @ -0,0 +1,214 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| [Authorize] | |||
| [SecurityHeaders] | |||
| public class DeviceController : Controller | |||
| { | |||
| private readonly IDeviceFlowInteractionService _interaction; | |||
| private readonly IEventService _events; | |||
| private readonly IOptions<IdentityServerOptions> _options; | |||
| private readonly ILogger<DeviceController> _logger; | |||
| public DeviceController( | |||
| IDeviceFlowInteractionService interaction, | |||
| IEventService eventService, | |||
| IOptions<IdentityServerOptions> options, | |||
| ILogger<DeviceController> logger) | |||
| { | |||
| _interaction = interaction; | |||
| _events = eventService; | |||
| _options = options; | |||
| _logger = logger; | |||
| } | |||
| [HttpGet] | |||
| public async Task<IActionResult> Index() | |||
| { | |||
| string userCodeParamName = _options.Value.UserInteraction.DeviceVerificationUserCodeParameter; | |||
| string userCode = Request.Query[userCodeParamName]; | |||
| if (string.IsNullOrWhiteSpace(userCode)) return View("UserCodeCapture"); | |||
| var vm = await BuildViewModelAsync(userCode); | |||
| if (vm == null) return View("Error"); | |||
| vm.ConfirmUserCode = true; | |||
| return View("UserCodeConfirmation", vm); | |||
| } | |||
| [HttpPost] | |||
| [ValidateAntiForgeryToken] | |||
| public async Task<IActionResult> UserCodeCapture(string userCode) | |||
| { | |||
| var vm = await BuildViewModelAsync(userCode); | |||
| if (vm == null) return View("Error"); | |||
| return View("UserCodeConfirmation", vm); | |||
| } | |||
| [HttpPost] | |||
| [ValidateAntiForgeryToken] | |||
| public async Task<IActionResult> Callback(DeviceAuthorizationInputModel model) | |||
| { | |||
| if (model == null) throw new ArgumentNullException(nameof(model)); | |||
| var result = await ProcessConsent(model); | |||
| if (result.HasValidationError) return View("Error"); | |||
| return View("Success"); | |||
| } | |||
| private async Task<ProcessConsentResult> ProcessConsent(DeviceAuthorizationInputModel model) | |||
| { | |||
| var result = new ProcessConsentResult(); | |||
| var request = await _interaction.GetAuthorizationContextAsync(model.UserCode); | |||
| if (request == null) return result; | |||
| ConsentResponse grantedConsent = null; | |||
| // user clicked 'no' - send back the standard 'access_denied' response | |||
| if (model.Button == "no") | |||
| { | |||
| grantedConsent = new ConsentResponse { Error = AuthorizationError.AccessDenied }; | |||
| // emit event | |||
| await _events.RaiseAsync(new ConsentDeniedEvent(User.GetSubjectId(), request.Client.ClientId, request.ValidatedResources.RawScopeValues)); | |||
| } | |||
| // user clicked 'yes' - validate the data | |||
| else if (model.Button == "yes") | |||
| { | |||
| // if the user consented to some scope, build the response model | |||
| if (model.ScopesConsented != null && model.ScopesConsented.Any()) | |||
| { | |||
| var scopes = model.ScopesConsented; | |||
| if (ConsentOptions.EnableOfflineAccess == false) | |||
| { | |||
| scopes = scopes.Where(x => x != IdentityServerConstants.StandardScopes.OfflineAccess); | |||
| } | |||
| grantedConsent = new ConsentResponse | |||
| { | |||
| RememberConsent = model.RememberConsent, | |||
| ScopesValuesConsented = scopes.ToArray(), | |||
| Description = model.Description | |||
| }; | |||
| // emit event | |||
| await _events.RaiseAsync(new ConsentGrantedEvent(User.GetSubjectId(), request.Client.ClientId, request.ValidatedResources.RawScopeValues, grantedConsent.ScopesValuesConsented, grantedConsent.RememberConsent)); | |||
| } | |||
| else | |||
| { | |||
| result.ValidationError = ConsentOptions.MustChooseOneErrorMessage; | |||
| } | |||
| } | |||
| else | |||
| { | |||
| result.ValidationError = ConsentOptions.InvalidSelectionErrorMessage; | |||
| } | |||
| if (grantedConsent != null) | |||
| { | |||
| // communicate outcome of consent back to identityserver | |||
| await _interaction.HandleRequestAsync(model.UserCode, grantedConsent); | |||
| // indicate that's it ok to redirect back to authorization endpoint | |||
| result.RedirectUri = model.ReturnUrl; | |||
| result.Client = request.Client; | |||
| } | |||
| else | |||
| { | |||
| // we need to redisplay the consent UI | |||
| result.ViewModel = await BuildViewModelAsync(model.UserCode, model); | |||
| } | |||
| return result; | |||
| } | |||
| private async Task<DeviceAuthorizationViewModel> BuildViewModelAsync(string userCode, DeviceAuthorizationInputModel model = null) | |||
| { | |||
| var request = await _interaction.GetAuthorizationContextAsync(userCode); | |||
| if (request != null) | |||
| { | |||
| return CreateConsentViewModel(userCode, model, request); | |||
| } | |||
| return null; | |||
| } | |||
| private DeviceAuthorizationViewModel CreateConsentViewModel(string userCode, DeviceAuthorizationInputModel model, DeviceFlowAuthorizationRequest request) | |||
| { | |||
| var vm = new DeviceAuthorizationViewModel | |||
| { | |||
| UserCode = userCode, | |||
| Description = model?.Description, | |||
| RememberConsent = model?.RememberConsent ?? true, | |||
| ScopesConsented = model?.ScopesConsented ?? Enumerable.Empty<string>(), | |||
| ClientName = request.Client.ClientName ?? request.Client.ClientId, | |||
| ClientUrl = request.Client.ClientUri, | |||
| ClientLogoUrl = request.Client.LogoUri, | |||
| AllowRememberConsent = request.Client.AllowRememberConsent | |||
| }; | |||
| vm.IdentityScopes = request.ValidatedResources.Resources.IdentityResources.Select(x => CreateScopeViewModel(x, vm.ScopesConsented.Contains(x.Name) || model == null)).ToArray(); | |||
| var apiScopes = new List<ScopeViewModel>(); | |||
| foreach (var parsedScope in request.ValidatedResources.ParsedScopes) | |||
| { | |||
| var apiScope = request.ValidatedResources.Resources.FindApiScope(parsedScope.ParsedName); | |||
| if (apiScope != null) | |||
| { | |||
| var scopeVm = CreateScopeViewModel(parsedScope, apiScope, vm.ScopesConsented.Contains(parsedScope.RawValue) || model == null); | |||
| apiScopes.Add(scopeVm); | |||
| } | |||
| } | |||
| if (ConsentOptions.EnableOfflineAccess && request.ValidatedResources.Resources.OfflineAccess) | |||
| { | |||
| apiScopes.Add(GetOfflineAccessScope(vm.ScopesConsented.Contains(IdentityServerConstants.StandardScopes.OfflineAccess) || model == null)); | |||
| } | |||
| vm.ApiScopes = apiScopes; | |||
| return vm; | |||
| } | |||
| private ScopeViewModel CreateScopeViewModel(IdentityResource identity, bool check) | |||
| { | |||
| return new ScopeViewModel | |||
| { | |||
| Value = identity.Name, | |||
| DisplayName = identity.DisplayName ?? identity.Name, | |||
| Description = identity.Description, | |||
| Emphasize = identity.Emphasize, | |||
| Required = identity.Required, | |||
| Checked = check || identity.Required | |||
| }; | |||
| } | |||
| public ScopeViewModel CreateScopeViewModel(ParsedScopeValue parsedScopeValue, ApiScope apiScope, bool check) | |||
| { | |||
| return new ScopeViewModel | |||
| { | |||
| Value = parsedScopeValue.RawValue, | |||
| DisplayName = apiScope.DisplayName ?? apiScope.Name, | |||
| Description = apiScope.Description, | |||
| Emphasize = apiScope.Emphasize, | |||
| Required = apiScope.Required, | |||
| Checked = check || apiScope.Required | |||
| }; | |||
| } | |||
| private ScopeViewModel GetOfflineAccessScope(bool check) | |||
| { | |||
| return new ScopeViewModel | |||
| { | |||
| Value = IdentityServerConstants.StandardScopes.OfflineAccess, | |||
| DisplayName = ConsentOptions.OfflineAccessDisplayName, | |||
| Description = ConsentOptions.OfflineAccessDescription, | |||
| Emphasize = true, | |||
| Checked = check | |||
| }; | |||
| } | |||
| } | |||
+ 22
- 0
src/Services/Identity/Identity.API/Quickstart/Diagnostics/DiagnosticsController.cs
View File
| @ -0,0 +1,22 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| [SecurityHeaders] | |||
| [Authorize] | |||
| public class DiagnosticsController : Controller | |||
| { | |||
| public async Task<IActionResult> Index() | |||
| { | |||
| var localAddresses = new string[] { "127.0.0.1", "::1", HttpContext.Connection.LocalIpAddress.ToString() }; | |||
| if (!localAddresses.Contains(HttpContext.Connection.RemoteIpAddress.ToString())) | |||
| { | |||
| return NotFound(); | |||
| } | |||
| var model = new DiagnosticsViewModel(await HttpContext.AuthenticateAsync()); | |||
| return View(model); | |||
| } | |||
| } | |||
+ 28
- 0
src/Services/Identity/Identity.API/Quickstart/Diagnostics/DiagnosticsViewModel.cs
View File
| @ -0,0 +1,28 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| using System.Text; | |||
| using System.Text.Json; | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| public class DiagnosticsViewModel | |||
| { | |||
| public DiagnosticsViewModel(AuthenticateResult result) | |||
| { | |||
| AuthenticateResult = result; | |||
| if (result.Properties.Items.ContainsKey("client_list")) | |||
| { | |||
| var encoded = result.Properties.Items["client_list"]; | |||
| var bytes = Base64Url.Decode(encoded); | |||
| var value = Encoding.UTF8.GetString(bytes); | |||
| Clients = JsonSerializer.Deserialize<string[]>(value); | |||
| } | |||
| } | |||
| public AuthenticateResult AuthenticateResult { get; } | |||
| public IEnumerable<string> Clients { get; } = new List<string>(); | |||
| } | |||
+ 22
- 0
src/Services/Identity/Identity.API/Quickstart/Extensions.cs
View File
| @ -0,0 +1,22 @@ | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| public static class Extensions | |||
| { | |||
| /// <summary> | |||
| /// Checks if the redirect URI is for a native client. | |||
| /// </summary> | |||
| /// <returns></returns> | |||
| public static bool IsNativeClient(this AuthorizationRequest context) | |||
| { | |||
| return !context.RedirectUri.StartsWith("https", StringComparison.Ordinal) | |||
| && !context.RedirectUri.StartsWith("http", StringComparison.Ordinal); | |||
| } | |||
| public static IActionResult LoadingPage(this Controller controller, string viewName, string redirectUri) | |||
| { | |||
| controller.HttpContext.Response.StatusCode = 200; | |||
| controller.HttpContext.Response.Headers["Location"] = ""; | |||
| return controller.View(viewName, new RedirectViewModel { RedirectUrl = redirectUri }); | |||
| } | |||
| } | |||
+ 85
- 0
src/Services/Identity/Identity.API/Quickstart/Grants/GrantsController.cs
View File
| @ -0,0 +1,85 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| /// <summary> | |||
| /// This sample controller allows a user to revoke grants given to clients | |||
| /// </summary> | |||
| [SecurityHeaders] | |||
| [Authorize] | |||
| public class GrantsController : Controller | |||
| { | |||
| private readonly IIdentityServerInteractionService _interaction; | |||
| private readonly IClientStore _clients; | |||
| private readonly IResourceStore _resources; | |||
| private readonly IEventService _events; | |||
| public GrantsController(IIdentityServerInteractionService interaction, | |||
| IClientStore clients, | |||
| IResourceStore resources, | |||
| IEventService events) | |||
| { | |||
| _interaction = interaction; | |||
| _clients = clients; | |||
| _resources = resources; | |||
| _events = events; | |||
| } | |||
| /// <summary> | |||
| /// Show list of grants | |||
| /// </summary> | |||
| [HttpGet] | |||
| public async Task<IActionResult> Index() | |||
| { | |||
| return View("Index", await BuildViewModelAsync()); | |||
| } | |||
| /// <summary> | |||
| /// Handle postback to revoke a client | |||
| /// </summary> | |||
| [HttpPost] | |||
| [ValidateAntiForgeryToken] | |||
| public async Task<IActionResult> Revoke(string clientId) | |||
| { | |||
| await _interaction.RevokeUserConsentAsync(clientId); | |||
| await _events.RaiseAsync(new GrantsRevokedEvent(User.GetSubjectId(), clientId)); | |||
| return RedirectToAction("Index"); | |||
| } | |||
| private async Task<GrantsViewModel> BuildViewModelAsync() | |||
| { | |||
| var grants = await _interaction.GetAllUserGrantsAsync(); | |||
| var list = new List<GrantViewModel>(); | |||
| foreach (var grant in grants) | |||
| { | |||
| var client = await _clients.FindClientByIdAsync(grant.ClientId); | |||
| if (client != null) | |||
| { | |||
| var resources = await _resources.FindResourcesByScopeAsync(grant.Scopes); | |||
| var item = new GrantViewModel() | |||
| { | |||
| ClientId = client.ClientId, | |||
| ClientName = client.ClientName ?? client.ClientId, | |||
| ClientLogoUrl = client.LogoUri, | |||
| ClientUrl = client.ClientUri, | |||
| Description = grant.Description, | |||
| Created = grant.CreationTime, | |||
| Expires = grant.Expiration, | |||
| IdentityGrantNames = resources.IdentityResources.Select(x => x.DisplayName ?? x.Name).ToArray(), | |||
| ApiGrantNames = resources.ApiScopes.Select(x => x.DisplayName ?? x.Name).ToArray() | |||
| }; | |||
| list.Add(item); | |||
| } | |||
| } | |||
| return new GrantsViewModel | |||
| { | |||
| Grants = list | |||
| }; | |||
| } | |||
| } | |||
+ 23
- 0
src/Services/Identity/Identity.API/Quickstart/Grants/GrantsViewModel.cs
View File
| @ -0,0 +1,23 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| public class GrantsViewModel | |||
| { | |||
| public IEnumerable<GrantViewModel> Grants { get; set; } | |||
| } | |||
| public class GrantViewModel | |||
| { | |||
| public string ClientId { get; set; } | |||
| public string ClientName { get; set; } | |||
| public string ClientUrl { get; set; } | |||
| public string ClientLogoUrl { get; set; } | |||
| public string Description { get; set; } | |||
| public DateTime Created { get; set; } | |||
| public DateTime? Expires { get; set; } | |||
| public IEnumerable<string> IdentityGrantNames { get; set; } | |||
| public IEnumerable<string> ApiGrantNames { get; set; } | |||
| } | |||
+ 18
- 0
src/Services/Identity/Identity.API/Quickstart/Home/ErrorViewModel.cs
View File
| @ -0,0 +1,18 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| public class ErrorViewModel | |||
| { | |||
| public ErrorViewModel() | |||
| { | |||
| } | |||
| public ErrorViewModel(string error) | |||
| { | |||
| Error = new ErrorMessage { Error = error }; | |||
| } | |||
| public ErrorMessage Error { get; set; } | |||
| } | |||
+ 63
- 0
src/Services/Identity/Identity.API/Quickstart/Home/HomeController.cs
View File
| @ -0,0 +1,63 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| using Microsoft.AspNetCore.Authorization; | |||
| using Microsoft.AspNetCore.Mvc; | |||
| namespace IdentityServerHost.Quickstart.UI | |||
| { | |||
| [SecurityHeaders] | |||
| [AllowAnonymous] | |||
| public class HomeController : Controller | |||
| { | |||
| private readonly IIdentityServerInteractionService _interaction; | |||
| private readonly IWebHostEnvironment _environment; | |||
| private readonly ILogger _logger; | |||
| public HomeController( | |||
| IIdentityServerInteractionService interaction, | |||
| IWebHostEnvironment environment, | |||
| ILogger<HomeController> logger) | |||
| { | |||
| _interaction = interaction; | |||
| _environment = environment; | |||
| _logger = logger; | |||
| } | |||
| public IActionResult Index() | |||
| { | |||
| if (_environment.IsDevelopment()) | |||
| { | |||
| // only show in development | |||
| return View(); | |||
| } | |||
| _logger.LogInformation("Homepage is disabled in production. Returning 404."); | |||
| return NotFound(); | |||
| } | |||
| /// <summary> | |||
| /// Shows the error page | |||
| /// </summary> | |||
| public async Task<IActionResult> Error(string errorId) | |||
| { | |||
| var vm = new ErrorViewModel(); | |||
| // retrieve error details from identityserver | |||
| var message = await _interaction.GetErrorContextAsync(errorId); | |||
| if (message != null) | |||
| { | |||
| vm.Error = message; | |||
| if (!_environment.IsDevelopment()) | |||
| { | |||
| // only show in development | |||
| message.ErrorDescription = null; | |||
| } | |||
| } | |||
| return View("Error", vm); | |||
| } | |||
| } | |||
| } | |||
+ 52
- 0
src/Services/Identity/Identity.API/Quickstart/SecurityHeadersAttribute.cs
View File
| @ -0,0 +1,52 @@ | |||
| // Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | |||
| // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | |||
| namespace IdentityServerHost.Quickstart.UI; | |||
| public class SecurityHeadersAttribute : ActionFilterAttribute | |||
| { | |||
| public override void OnResultExecuting(ResultExecutingContext context) | |||
| { | |||
| var result = context.Result; | |||
| if (result is ViewResult) | |||
| { | |||
| // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options | |||
| if (!context.HttpContext.Response.Headers.ContainsKey("X-Content-Type-Options")) | |||
| { | |||
| context.HttpContext.Response.Headers.Add("X-Content-Type-Options", "nosniff"); | |||
| } | |||
| // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options | |||
| if (!context.HttpContext.Response.Headers.ContainsKey("X-Frame-Options")) | |||
| { | |||
| context.HttpContext.Response.Headers.Add("X-Frame-Options", "SAMEORIGIN"); | |||
| } | |||
| // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy | |||
| var csp = "default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';"; | |||
| // also consider adding upgrade-insecure-requests once you have HTTPS in place for production | |||
| //csp += "upgrade-insecure-requests;"; | |||
| // also an example if you need client images to be displayed from twitter | |||
| // csp += "img-src 'self' https://pbs.twimg.com;"; | |||
| // once for standards compliant browsers | |||
| if (!context.HttpContext.Response.Headers.ContainsKey("Content-Security-Policy")) | |||
| { | |||
| context.HttpContext.Response.Headers.Add("Content-Security-Policy", csp); | |||
| } | |||
| // and once again for IE | |||
| if (!context.HttpContext.Response.Headers.ContainsKey("X-Content-Security-Policy")) | |||
| { | |||
| context.HttpContext.Response.Headers.Add("X-Content-Security-Policy", csp); | |||
| } | |||
| // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy | |||
| var referrer_policy = "no-referrer"; | |||
| if (!context.HttpContext.Response.Headers.ContainsKey("Referrer-Policy")) | |||
| { | |||
| context.HttpContext.Response.Headers.Add("Referrer-Policy", referrer_policy); | |||
| } | |||
| } | |||
| } | |||
| } | |||
+ 124
- 0
src/Services/Identity/Identity.API/SeedData.cs
View File
| @ -0,0 +1,124 @@ | |||
| using System.Threading.Tasks; | |||
| using System; | |||
| namespace Microsoft.eShopOnContainers.Services.Identity.API; | |||
| public class SeedData | |||
| { | |||
| public static async Task EnsureSeedData(IServiceScope scope, IConfiguration configuration, Microsoft.Extensions.Logging.ILogger logger) | |||
| { | |||
| var retryPolicy = CreateRetryPolicy(configuration, logger); | |||
| var context = scope.ServiceProvider.GetRequiredService<ApplicationDbContext>(); | |||
| await retryPolicy.ExecuteAsync(async () => | |||
| { | |||
| await context.Database.MigrateAsync(); | |||
| var userMgr = scope.ServiceProvider.GetRequiredService<UserManager<ApplicationUser>>(); | |||
| var alice = await userMgr.FindByNameAsync("alice"); | |||
| if (alice == null) | |||
| { | |||
| alice = new ApplicationUser | |||
| { | |||
| UserName = "alice", | |||
| Email = "AliceSmith@email.com", | |||
| EmailConfirmed = true, | |||
| CardHolderName = "Alice Smith", | |||
| CardNumber = "4012888888881881", | |||
| CardType = 1, | |||
| City = "Redmond", | |||
| Country = "U.S.", | |||
| Expiration = "12/24", | |||
| Id = Guid.NewGuid().ToString(), | |||
| LastName = "Smith", | |||
| Name = "Alice", | |||
| PhoneNumber = "1234567890", | |||
| ZipCode = "98052", | |||
| State = "WA", | |||
| Street = "15703 NE 61st Ct", | |||
| SecurityNumber = "123" | |||
| }; | |||
| var result = userMgr.CreateAsync(alice, "Pass123$").Result; | |||
| if (!result.Succeeded) | |||
| { | |||
| throw new Exception(result.Errors.First().Description); | |||
| } | |||
| logger.LogDebug("alice created"); | |||
| } | |||
| else | |||
| { | |||
| logger.LogDebug("alice already exists"); | |||
| } | |||
| var bob = await userMgr.FindByNameAsync("bob"); | |||
| if (bob == null) | |||
| { | |||
| bob = new ApplicationUser | |||
| { | |||
| UserName = "bob", | |||
| Email = "BobSmith@email.com", | |||
| EmailConfirmed = true, | |||
| CardHolderName = "Bob Smith", | |||
| CardNumber = "4012888888881881", | |||
| CardType = 1, | |||
| City = "Redmond", | |||
| Country = "U.S.", | |||
| Expiration = "12/24", | |||
| Id = Guid.NewGuid().ToString(), | |||
| LastName = "Smith", | |||
| Name = "Bob", | |||
| PhoneNumber = "1234567890", | |||
| ZipCode = "98052", | |||
| State = "WA", | |||
| Street = "15703 NE 61st Ct", | |||
| SecurityNumber = "456" | |||
| }; | |||
| var result = await userMgr.CreateAsync(bob, "Pass123$"); | |||
| if (!result.Succeeded) | |||
| { | |||
| throw new Exception(result.Errors.First().Description); | |||
| } | |||
| logger.LogDebug("bob created"); | |||
| } | |||
| else | |||
| { | |||
| logger.LogDebug("bob already exists"); | |||
| } | |||
| }); | |||
| } | |||
| private static AsyncPolicy CreateRetryPolicy(IConfiguration configuration, Microsoft.Extensions.Logging.ILogger logger) | |||
| { | |||
| var retryMigrations = false; | |||
| bool.TryParse(configuration["RetryMigrations"], out retryMigrations); | |||
| // Only use a retry policy if configured to do so. | |||
| // When running in an orchestrator/K8s, it will take care of restarting failed services. | |||
| if (retryMigrations) | |||
| { | |||
| return Policy.Handle<Exception>(). | |||
| WaitAndRetryForeverAsync( | |||
| sleepDurationProvider: retry => TimeSpan.FromSeconds(5), | |||
| onRetry: (exception, retry, timeSpan) => | |||
| { | |||
| logger.LogWarning( | |||
| exception, | |||
| "Exception {ExceptionType} with message {Message} detected during database migration (retry attempt {retry})", | |||
| exception.GetType().Name, | |||
| exception.Message, | |||
| retry); | |||
| } | |||
| ); | |||
| } | |||
| return Policy.NoOpAsync(); | |||
| } | |||
| } | |||
+ 0
- 2
src/Services/Identity/Identity.API/Setup/Users.csv
View File
| @ -1,2 +0,0 @@ | |||
| CardHolderName,CardNumber,CardType,City,Country,Email,Expiration,LastName,Name,PhoneNumber,UserName,ZipCode,State,Street,SecurityNumber,NormalizedEmail,NormalizedUserName,Password | |||
| DemoUser,4012888888881881,1,Redmond,U.S.,demouser@microsoft.com,12/25,DemoLastName,DemoUser,1234567890,demouser@microsoft.com,98052,WA,15703 NE 61st Ct,535,DEMOUSER@MICROSOFT.COM,DEMOUSER@MICROSOFT.COM,Pass@word1 | |||