diff --git a/samples/Mvc.Server/Controllers/AuthorizationController.cs b/samples/Mvc.Server/Controllers/AuthorizationController.cs index be3877d9..50ddc079 100644 --- a/samples/Mvc.Server/Controllers/AuthorizationController.cs +++ b/samples/Mvc.Server/Controllers/AuthorizationController.cs @@ -58,7 +58,7 @@ namespace Mvc.Server { return View("Error", new ErrorViewModel { - Error = OpenIdConnectConstants.Errors.InvalidClient, + Error = OpenIddictConstants.Errors.InvalidClient, ErrorDescription = "Details concerning the calling client application cannot be found in the database" }); } @@ -87,7 +87,7 @@ namespace Mvc.Server { return View("Error", new ErrorViewModel { - Error = OpenIdConnectConstants.Errors.ServerError, + Error = OpenIddictConstants.Errors.ServerError, ErrorDescription = "An internal error has occurred" }); } @@ -158,7 +158,7 @@ namespace Mvc.Server { return BadRequest(new OpenIdConnectResponse { - Error = OpenIdConnectConstants.Errors.InvalidGrant, + Error = OpenIddictConstants.Errors.InvalidGrant, ErrorDescription = "The username/password couple is invalid." }); } @@ -169,7 +169,7 @@ namespace Mvc.Server { return BadRequest(new OpenIdConnectResponse { - Error = OpenIdConnectConstants.Errors.InvalidGrant, + Error = OpenIddictConstants.Errors.InvalidGrant, ErrorDescription = "The username/password couple is invalid." }); } @@ -194,7 +194,7 @@ namespace Mvc.Server { return BadRequest(new OpenIdConnectResponse { - Error = OpenIdConnectConstants.Errors.InvalidGrant, + Error = OpenIddictConstants.Errors.InvalidGrant, ErrorDescription = "The token is no longer valid." }); } @@ -204,7 +204,7 @@ namespace Mvc.Server { return BadRequest(new OpenIdConnectResponse { - Error = OpenIdConnectConstants.Errors.InvalidGrant, + Error = OpenIddictConstants.Errors.InvalidGrant, ErrorDescription = "The user is no longer allowed to sign in." }); } @@ -218,7 +218,7 @@ namespace Mvc.Server return BadRequest(new OpenIdConnectResponse { - Error = OpenIdConnectConstants.Errors.UnsupportedGrantType, + Error = OpenIddictConstants.Errors.UnsupportedGrantType, ErrorDescription = "The specified grant type is not supported." }); } @@ -261,27 +261,27 @@ namespace Mvc.Server switch (claim.Type) { - case OpenIdConnectConstants.Claims.Name: - yield return OpenIdConnectConstants.Destinations.AccessToken; + case OpenIddictConstants.Claims.Name: + yield return OpenIddictConstants.Destinations.AccessToken; - if (ticket.HasScope(OpenIdConnectConstants.Scopes.Profile)) - yield return OpenIdConnectConstants.Destinations.IdentityToken; + if (ticket.HasScope(OpenIddictConstants.Scopes.Profile)) + yield return OpenIddictConstants.Destinations.IdentityToken; yield break; - case OpenIdConnectConstants.Claims.Email: - yield return OpenIdConnectConstants.Destinations.AccessToken; + case OpenIddictConstants.Claims.Email: + yield return OpenIddictConstants.Destinations.AccessToken; - if (ticket.HasScope(OpenIdConnectConstants.Scopes.Email)) - yield return OpenIdConnectConstants.Destinations.IdentityToken; + if (ticket.HasScope(OpenIddictConstants.Scopes.Email)) + yield return OpenIddictConstants.Destinations.IdentityToken; yield break; - case OpenIdConnectConstants.Claims.Role: - yield return OpenIdConnectConstants.Destinations.AccessToken; + case OpenIddictConstants.Claims.Role: + yield return OpenIddictConstants.Destinations.AccessToken; - if (ticket.HasScope(OpenIddictConstants.Claims.Roles)) - yield return OpenIdConnectConstants.Destinations.IdentityToken; + if (ticket.HasScope(OpenIddictConstants.Scopes.Roles)) + yield return OpenIddictConstants.Destinations.IdentityToken; yield break; @@ -289,7 +289,7 @@ namespace Mvc.Server case "AspNet.Identity.SecurityStamp": yield break; default: - yield return OpenIdConnectConstants.Destinations.AccessToken; + yield return OpenIddictConstants.Destinations.AccessToken; yield break; } } diff --git a/src/OpenIddict.Abstractions/OpenIddictConstants.cs b/src/OpenIddict.Abstractions/OpenIddictConstants.cs index 519ad819..28cccd05 100644 --- a/src/OpenIddict.Abstractions/OpenIddictConstants.cs +++ b/src/OpenIddict.Abstractions/OpenIddictConstants.cs @@ -16,7 +16,55 @@ namespace OpenIddict.Abstractions public static class Claims { + public const string AccessTokenHash = "at_hash"; + public const string Active = "active"; + public const string Address = "address"; + public const string Audience = "aud"; + public const string AuthenticationContextReference = "acr"; + public const string AuthenticationMethodReference = "amr"; + public const string AuthenticationTime = "auth_time"; + public const string AuthorizedParty = "azp"; + public const string Birthdate = "birthdate"; + public const string ClientId = "client_id"; + public const string CodeHash = "c_hash"; + public const string ConfidentialityLevel = "cfd_lvl"; + public const string Country = "country"; + public const string Email = "email"; + public const string EmailVerified = "email_verified"; + public const string ExpiresAt = "exp"; + public const string FamilyName = "family_name"; + public const string Formatted = "formatted"; + public const string Gender = "gender"; + public const string GivenName = "given_name"; + public const string IssuedAt = "iat"; + public const string Issuer = "iss"; + public const string Locale = "locale"; + public const string Locality = "locality"; + public const string JwtId = "jti"; + public const string KeyId = "kid"; + public const string MiddleName = "middle_name"; + public const string Name = "name"; + public const string Nickname = "nickname"; + public const string Nonce = "nonce"; + public const string NotBefore = "nbf"; + public const string PhoneNumber = "phone_number"; + public const string PhoneNumberVerified = "phone_number_verified"; + public const string Picture = "picture"; + public const string PostalCode = "postal_code"; + public const string PreferredUsername = "preferred_username"; + public const string Profile = "profile"; + public const string Region = "region"; + public const string Role = "role"; public const string Roles = "roles"; + public const string Scope = "scope"; + public const string StreetAddress = "street_address"; + public const string Subject = "sub"; + public const string TokenType = "token_type"; + public const string TokenUsage = "token_usage"; + public const string UpdatedAt = "updated_at"; + public const string Username = "username"; + public const string Website = "website"; + public const string Zoneinfo = "zoneinfo"; } public static class ClientTypes @@ -33,12 +81,43 @@ namespace OpenIddict.Abstractions public const string Implicit = "implicit"; } + public static class Destinations + { + public const string AccessToken = "access_token"; + public const string IdentityToken = "id_token"; + } + public static class Environment { public const string AuthorizationRequest = "openiddict-authorization-request:"; public const string LogoutRequest = "openiddict-logout-request:"; } + public static class Errors + { + public const string AccessDenied = "access_denied"; + public const string AccountSelectionRequired = "account_selection_required"; + public const string ConsentRequired = "consent_required"; + public const string InteractionRequired = "interaction_required"; + public const string InvalidClient = "invalid_client"; + public const string InvalidGrant = "invalid_grant"; + public const string InvalidRequest = "invalid_request"; + public const string InvalidRequestObject = "invalid_request_object"; + public const string InvalidRequestUri = "invalid_request_uri"; + public const string InvalidScope = "invalid_scope"; + public const string InvalidToken = "invalid_token"; + public const string LoginRequired = "login_required"; + public const string RegistrationNotSupported = "registration_not_supported"; + public const string RequestNotSupported = "request_not_supported"; + public const string RequestUriNotSupported = "request_uri_not_supported"; + public const string ServerError = "server_error"; + public const string TemporarilyUnavailable = "temporarily_unavailable"; + public const string UnauthorizedClient = "unauthorized_client"; + public const string UnsupportedGrantType = "unsupported_grant_type"; + public const string UnsupportedResponseType = "unsupported_response_type"; + public const string UnsupportedTokenType = "unsupported_token_type"; + } + public static class Exceptions { public const string ConcurrencyError = "concurrency_error"; @@ -83,6 +162,14 @@ namespace OpenIddict.Abstractions } } + public static class Prompts + { + public const string Consent = "consent"; + public const string Login = "login"; + public const string None = "none"; + public const string SelectAccount = "select_account"; + } + public static class Properties { public const string Application = ".application"; @@ -108,6 +195,12 @@ namespace OpenIddict.Abstractions public static class Scopes { + public const string Address = "address"; + public const string Email = "email"; + public const string OfflineAccess = "offline_access"; + public const string OpenId = "openid"; + public const string Phone = "phone"; + public const string Profile = "profile"; public const string Roles = "roles"; }