tsai
/
openiddict-core
mirror of https://github.com/openiddict/openiddict-core.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Add a new OpenIddictAuthorizationManager.CreateAsync() overload and improve OpenIddictScopeManager.ListResourcesAsync()

pull/1570/head
Kévin Chalet 3 years ago
parent
10a6c63f83
commit
0d92faa308
5 changed files with 93 additions and 66 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 46
      sandbox/OpenIddict.Sandbox.AspNet.Server/Controllers/AuthorizationController.cs
  2. 62
      sandbox/OpenIddict.Sandbox.AspNetCore.Server/Controllers/AuthorizationController.cs
  3. 16
      src/OpenIddict.Abstractions/Managers/IOpenIddictAuthorizationManager.cs
  4. 22
      src/OpenIddict.Core/Managers/OpenIddictAuthorizationManager.cs
  5. 13
      src/OpenIddict.Core/Managers/OpenIddictScopeManager.cs

46
sandbox/OpenIddict.Sandbox.AspNet.Server/Controllers/AuthorizationController.cs
View File

@ -142,10 +142,10 @@ namespace OpenIddict.Sandbox.AspNet.Server.Controllers
roleType: Claims.Role);
// Add the claims that will be persisted in the tokens.
identity.AddClaim(Claims.Subject, user.Id)
.AddClaim(Claims.Email, user.Email)
.AddClaim(Claims.Name, user.UserName)
.AddClaims(Claims.Role, (await context.Get<ApplicationUserManager>().GetRolesAsync(user.Id)).ToImmutableArray());
identity.SetClaim(Claims.Subject, user.Id)
.SetClaim(Claims.Email, user.Email)
.SetClaim(Claims.Name, user.UserName)
.SetClaims(Claims.Role, (await context.Get<ApplicationUserManager>().GetRolesAsync(user.Id)).ToImmutableArray());
// Note: in this sample, the granted scopes match the requested scope
// but you may want to allow the user to uncheck specific scopes.
@ -156,15 +156,12 @@ namespace OpenIddict.Sandbox.AspNet.Server.Controllers
// Automatically create a permanent authorization to avoid requiring explicit consent
// for future authorization or token requests containing the same scopes.
var authorization = authorizations.LastOrDefault();
if (authorization == null)
{
authorization = await _authorizationManager.CreateAsync(
principal: new ClaimsPrincipal(identity),
subject : user.Id,
client : await _applicationManager.GetIdAsync(application),
type : AuthorizationTypes.Permanent,
scopes : identity.GetScopes());
}
authorization ??= await _authorizationManager.CreateAsync(
identity: identity,
subject : user.Id,
client : await _applicationManager.GetIdAsync(application),
type : AuthorizationTypes.Permanent,
scopes : identity.GetScopes());
identity.SetAuthorizationId(await _authorizationManager.GetIdAsync(authorization));
identity.SetDestinations(GetDestinations);
@ -263,10 +260,10 @@ namespace OpenIddict.Sandbox.AspNet.Server.Controllers
roleType: Claims.Role);
// Add the claims that will be persisted in the tokens.
identity.AddClaim(Claims.Subject, user.Id)
.AddClaim(Claims.Email, user.Email)
.AddClaim(Claims.Name, user.UserName)
.AddClaims(Claims.Role, (await context.Get<ApplicationUserManager>().GetRolesAsync(user.Id)).ToImmutableArray());
identity.SetClaim(Claims.Subject, user.Id)
.SetClaim(Claims.Email, user.Email)
.SetClaim(Claims.Name, user.UserName)
.SetClaims(Claims.Role, (await context.Get<ApplicationUserManager>().GetRolesAsync(user.Id)).ToImmutableArray());
// Note: in this sample, the granted scopes match the requested scope
// but you may want to allow the user to uncheck specific scopes.
@ -277,15 +274,12 @@ namespace OpenIddict.Sandbox.AspNet.Server.Controllers
// Automatically create a permanent authorization to avoid requiring explicit consent
// for future authorization or token requests containing the same scopes.
var authorization = authorizations.LastOrDefault();
if (authorization == null)
{
authorization = await _authorizationManager.CreateAsync(
principal: new ClaimsPrincipal(identity),
subject : user.Id,
client : await _applicationManager.GetIdAsync(application),
type : AuthorizationTypes.Permanent,
scopes : identity.GetScopes());
}
authorization ??= await _authorizationManager.CreateAsync(
identity: identity,
subject : user.Id,
client : await _applicationManager.GetIdAsync(application),
type : AuthorizationTypes.Permanent,
scopes : identity.GetScopes());
identity.SetAuthorizationId(await _authorizationManager.GetIdAsync(authorization));
identity.SetDestinations(GetDestinations);

62
sandbox/OpenIddict.Sandbox.AspNetCore.Server/Controllers/AuthorizationController.cs
View File

@ -173,10 +173,10 @@ public class AuthorizationController : Controller
roleType: Claims.Role);
// Add the claims that will be persisted in the tokens.
identity.AddClaim(Claims.Subject, await _userManager.GetUserIdAsync(user))
.AddClaim(Claims.Email, await _userManager.GetEmailAsync(user))
.AddClaim(Claims.Name, await _userManager.GetUserNameAsync(user))
.AddClaims(Claims.Role, (await _userManager.GetRolesAsync(user)).ToImmutableArray());
identity.SetClaim(Claims.Subject, await _userManager.GetUserIdAsync(user))
.SetClaim(Claims.Email, await _userManager.GetEmailAsync(user))
.SetClaim(Claims.Name, await _userManager.GetUserNameAsync(user))
.SetClaims(Claims.Role, (await _userManager.GetRolesAsync(user)).ToImmutableArray());
// Note: in this sample, the granted scopes match the requested scope
// but you may want to allow the user to uncheck specific scopes.
@ -187,15 +187,12 @@ public class AuthorizationController : Controller
// Automatically create a permanent authorization to avoid requiring explicit consent
// for future authorization or token requests containing the same scopes.
var authorization = authorizations.LastOrDefault();
if (authorization is null)
{
authorization = await _authorizationManager.CreateAsync(
principal: new ClaimsPrincipal(identity),
subject : await _userManager.GetUserIdAsync(user),
client : await _applicationManager.GetIdAsync(application),
type : AuthorizationTypes.Permanent,
scopes : identity.GetScopes());
}
authorization ??= await _authorizationManager.CreateAsync(
identity: identity,
subject : await _userManager.GetUserIdAsync(user),
client : await _applicationManager.GetIdAsync(application),
type : AuthorizationTypes.Permanent,
scopes : identity.GetScopes());
identity.SetAuthorizationId(await _authorizationManager.GetIdAsync(authorization));
identity.SetDestinations(GetDestinations);
@ -269,10 +266,10 @@ public class AuthorizationController : Controller
roleType: Claims.Role);
// Add the claims that will be persisted in the tokens.
identity.AddClaim(Claims.Subject, await _userManager.GetUserIdAsync(user))
.AddClaim(Claims.Email, await _userManager.GetEmailAsync(user))
.AddClaim(Claims.Name, await _userManager.GetUserNameAsync(user))
.AddClaims(Claims.Role, (await _userManager.GetRolesAsync(user)).ToImmutableArray());
identity.SetClaim(Claims.Subject, await _userManager.GetUserIdAsync(user))
.SetClaim(Claims.Email, await _userManager.GetEmailAsync(user))
.SetClaim(Claims.Name, await _userManager.GetUserNameAsync(user))
.SetClaims(Claims.Role, (await _userManager.GetRolesAsync(user)).ToImmutableArray());
// Note: in this sample, the granted scopes match the requested scope
// but you may want to allow the user to uncheck specific scopes.
@ -283,15 +280,12 @@ public class AuthorizationController : Controller
// Automatically create a permanent authorization to avoid requiring explicit consent
// for future authorization or token requests containing the same scopes.
var authorization = authorizations.LastOrDefault();
if (authorization is null)
{
authorization = await _authorizationManager.CreateAsync(
principal: new ClaimsPrincipal(identity),
subject : await _userManager.GetUserIdAsync(user),
client : await _applicationManager.GetIdAsync(application),
type : AuthorizationTypes.Permanent,
scopes : identity.GetScopes());
}
authorization ??= await _authorizationManager.CreateAsync(
identity: identity,
subject : await _userManager.GetUserIdAsync(user),
client : await _applicationManager.GetIdAsync(application),
type : AuthorizationTypes.Permanent,
scopes : identity.GetScopes());
identity.SetAuthorizationId(await _authorizationManager.GetIdAsync(authorization));
identity.SetDestinations(GetDestinations);
@ -366,10 +360,10 @@ public class AuthorizationController : Controller
roleType: Claims.Role);
// Add the claims that will be persisted in the tokens.
identity.AddClaim(Claims.Subject, await _userManager.GetUserIdAsync(user))
.AddClaim(Claims.Email, await _userManager.GetEmailAsync(user))
.AddClaim(Claims.Name, await _userManager.GetUserNameAsync(user))
.AddClaims(Claims.Role, (await _userManager.GetRolesAsync(user)).ToImmutableArray());
identity.SetClaim(Claims.Subject, await _userManager.GetUserIdAsync(user))
.SetClaim(Claims.Email, await _userManager.GetEmailAsync(user))
.SetClaim(Claims.Name, await _userManager.GetUserNameAsync(user))
.SetClaims(Claims.Role, (await _userManager.GetRolesAsync(user)).ToImmutableArray());
// Note: in this sample, the granted scopes match the requested scope
// but you may want to allow the user to uncheck specific scopes.
@ -480,10 +474,10 @@ public class AuthorizationController : Controller
roleType: Claims.Role);
// Add the claims that will be persisted in the tokens.
identity.AddClaim(Claims.Subject, await _userManager.GetUserIdAsync(user))
.AddClaim(Claims.Email, await _userManager.GetEmailAsync(user))
.AddClaim(Claims.Name, await _userManager.GetUserNameAsync(user))
.AddClaims(Claims.Role, (await _userManager.GetRolesAsync(user)).ToImmutableArray());
identity.SetClaim(Claims.Subject, await _userManager.GetUserIdAsync(user))
.SetClaim(Claims.Email, await _userManager.GetEmailAsync(user))
.SetClaim(Claims.Name, await _userManager.GetUserNameAsync(user))
.SetClaims(Claims.Role, (await _userManager.GetRolesAsync(user)).ToImmutableArray());
// Note: in this sample, the granted scopes match the requested scope
// but you may want to allow the user to uncheck specific scopes.

16
src/OpenIddict.Abstractions/Managers/IOpenIddictAuthorizationManager.cs
View File

@ -44,6 +44,22 @@ public interface IOpenIddictAuthorizationManager
ValueTask<long> CountAsync<TResult>(
Func<IQueryable<object>, IQueryable<TResult>> query, CancellationToken cancellationToken = default);
/// <summary>
/// Creates a new permanent authorization based on the specified parameters.
/// </summary>
/// <param name="identity">The identity associated with the authorization.</param>
/// <param name="subject">The subject associated with the authorization.</param>
/// <param name="client">The client associated with the authorization.</param>
/// <param name="type">The authorization type.</param>
/// <param name="scopes">The minimal scopes associated with the authorization.</param>
/// <param name="cancellationToken">The <see cref="CancellationToken"/> that can be used to abort the operation.</param>
/// <returns>
/// A <see cref="ValueTask"/> that can be used to monitor the asynchronous operation, whose result returns the authorization.
/// </returns>
ValueTask<object> CreateAsync(
ClaimsIdentity identity, string subject, string client,
string type, ImmutableArray<string> scopes, CancellationToken cancellationToken = default);
/// <summary>
/// Creates a new permanent authorization based on the specified parameters.
/// </summary>

22
src/OpenIddict.Core/Managers/OpenIddictAuthorizationManager.cs
View File

@ -174,6 +174,24 @@ public class OpenIddictAuthorizationManager<TAuthorization> : IOpenIddictAuthori
return authorization;
}
/// <summary>
/// Creates a new permanent authorization based on the specified parameters.
/// </summary>
/// <param name="identity">The identity associated with the authorization.</param>
/// <param name="subject">The subject associated with the authorization.</param>
/// <param name="client">The client associated with the authorization.</param>
/// <param name="type">The authorization type.</param>
/// <param name="scopes">The minimal scopes associated with the authorization.</param>
/// <param name="cancellationToken">The <see cref="CancellationToken"/> that can be used to abort the operation.</param>
/// <returns>
/// A <see cref="ValueTask"/> that can be used to monitor the asynchronous operation, whose result returns the authorization.
/// </returns>
public virtual ValueTask<TAuthorization> CreateAsync(
ClaimsIdentity identity, string subject, string client,
string type, ImmutableArray<string> scopes, CancellationToken cancellationToken = default)
=> CreateAsync(new ClaimsPrincipal(identity ?? throw new ArgumentNullException(nameof(identity))),
subject, client, type, scopes, cancellationToken);
/// <summary>
/// Creates a new permanent authorization based on the specified parameters.
/// </summary>
@ -1187,6 +1205,10 @@ public class OpenIddictAuthorizationManager<TAuthorization> : IOpenIddictAuthori
ValueTask<long> IOpenIddictAuthorizationManager.CountAsync<TResult>(Func<IQueryable<object>, IQueryable<TResult>> query, CancellationToken cancellationToken)
=> CountAsync(query, cancellationToken);
/// <inheritdoc/>
async ValueTask<object> IOpenIddictAuthorizationManager.CreateAsync(ClaimsIdentity identity, string subject, string client, string type, ImmutableArray<string> scopes, CancellationToken cancellationToken)
=> await CreateAsync(identity, subject, client, type, scopes, cancellationToken);
/// <inheritdoc/>
async ValueTask<object> IOpenIddictAuthorizationManager.CreateAsync(ClaimsPrincipal principal, string subject, string client, string type, ImmutableArray<string> scopes, CancellationToken cancellationToken)
=> await CreateAsync(principal, subject, client, type, scopes, cancellationToken);

13
src/OpenIddict.Core/Managers/OpenIddictScopeManager.cs
View File

@ -744,12 +744,13 @@ public class OpenIddictScopeManager<TScope> : IOpenIddictScopeManager where TSco
await foreach (var scope in FindByNamesAsync(scopes, cancellationToken))
{
resources.UnionWith(await GetResourcesAsync(scope, cancellationToken));
}
foreach (var resource in resources)
{
yield return resource;
foreach (var resource in await GetResourcesAsync(scope, cancellationToken))
{
if (resources.Add(resource))
{
yield return resource;
}
}
}
}

Write Preview
Loading…
Cancel
Save