Update the ValidateScopes handlers to lazily resolve IOpenIddictScopeManager

5 years ago · b18ee4888f
5 changed files with 112 additions and 4 deletions
--- a/src/OpenIddict.Server/OpenIddictServerHandlerDescriptor.cs
+++ b/src/OpenIddict.Server/OpenIddictServerHandlerDescriptor.cs
@ -180,6 +180,24 @@ namespace OpenIddict.Server
                => SetServiceDescriptor(new ServiceDescriptor(
                    typeof(THandler), typeof(THandler), ServiceLifetime.Scoped));

+            /// <summary>
+            /// Configures the descriptor to use the specified scoped handler.
+            /// </summary>
+            /// <typeparam name="THandler">The handler type.</typeparam>
+            /// <param name="factory">The factory used to create the handler.</param>
+            /// <returns>The builder instance, so that calls can be easily chained.</returns>
+            public Builder<TContext> UseScopedHandler<THandler>(Func<IServiceProvider, object> factory)
+                where THandler : IOpenIddictServerHandler<TContext>
+            {
+                if (factory is null)
+                {
+                    throw new ArgumentNullException(nameof(factory));
+                }
+
+                return SetServiceDescriptor(new ServiceDescriptor(
+                    typeof(THandler), factory, ServiceLifetime.Scoped));
+            }
+
            /// <summary>
            /// Configures the descriptor to use the specified singleton handler.
            /// </summary>
@ -190,6 +208,24 @@ namespace OpenIddict.Server
                => SetServiceDescriptor(new ServiceDescriptor(
                    typeof(THandler), typeof(THandler), ServiceLifetime.Singleton));

+            /// <summary>
+            /// Configures the descriptor to use the specified singleton handler.
+            /// </summary>
+            /// <typeparam name="THandler">The handler type.</typeparam>
+            /// <param name="factory">The factory used to create the handler.</param>
+            /// <returns>The builder instance, so that calls can be easily chained.</returns>
+            public Builder<TContext> UseSingletonHandler<THandler>(Func<IServiceProvider, object> factory)
+                where THandler : IOpenIddictServerHandler<TContext>
+            {
+                if (factory is null)
+                {
+                    throw new ArgumentNullException(nameof(factory));
+                }
+
+                return SetServiceDescriptor(new ServiceDescriptor(
+                    typeof(THandler), factory, ServiceLifetime.Singleton));
+            }
+
            /// <summary>
            /// Configures the descriptor to use the specified singleton handler.
            /// </summary>
--- a/src/OpenIddict.Server/OpenIddictServerHandlers.Authentication.cs
+++ b/src/OpenIddict.Server/OpenIddictServerHandlers.Authentication.cs
@ -10,7 +10,9 @@ using System.Collections.Immutable;
 using System.Diagnostics;
 using System.Linq;
 using System.Threading.Tasks;
+using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
 using OpenIddict.Abstractions;
 using static OpenIddict.Abstractions.OpenIddictConstants;
 using static OpenIddict.Server.OpenIddictServerEvents;
@ -1161,7 +1163,17 @@ namespace OpenIddict.Server
                public static OpenIddictServerHandlerDescriptor Descriptor { get; }
                    = OpenIddictServerHandlerDescriptor.CreateBuilder<ValidateAuthorizationRequestContext>()
                        .AddFilter<RequireScopeValidationEnabled>()
-                        .UseScopedHandler<ValidateScopes>()
+                        .UseScopedHandler<ValidateScopes>(provider =>
+                        {
+                            // Note: the scope manager is only resolved if the degraded mode was not enabled to ensure
+                            // invalid core configuration exceptions are not thrown even if the managers were registered.
+                            var options = provider.GetRequiredService<IOptionsMonitor<OpenIddictServerOptions>>().CurrentValue;
+
+                            return options.EnableDegradedMode ?
+                                new ValidateScopes() :
+                                new ValidateScopes(provider.GetService<IOpenIddictScopeManager>() ??
+                                    throw new InvalidOperationException(SR.GetResourceString(SR.ID0016)));
+                        })
                        .SetOrder(ValidateClientRedirectUri.Descriptor.Order + 1_000)
                        .SetType(OpenIddictServerHandlerType.BuiltIn)
                        .Build();
--- a/src/OpenIddict.Server/OpenIddictServerHandlers.Device.cs
+++ b/src/OpenIddict.Server/OpenIddictServerHandlers.Device.cs
@ -10,7 +10,9 @@ using System.Collections.Immutable;
 using System.Diagnostics;
 using System.Security.Claims;
 using System.Threading.Tasks;
+using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
 using OpenIddict.Abstractions;
 using static OpenIddict.Abstractions.OpenIddictConstants;
 using static OpenIddict.Server.OpenIddictServerEvents;
@ -383,7 +385,17 @@ namespace OpenIddict.Server
                public static OpenIddictServerHandlerDescriptor Descriptor { get; }
                    = OpenIddictServerHandlerDescriptor.CreateBuilder<ValidateDeviceRequestContext>()
                        .AddFilter<RequireScopeValidationEnabled>()
-                        .UseScopedHandler<ValidateScopes>()
+                        .UseScopedHandler<ValidateScopes>(provider =>
+                        {
+                            // Note: the scope manager is only resolved if the degraded mode was not enabled to ensure
+                            // invalid core configuration exceptions are not thrown even if the managers were registered.
+                            var options = provider.GetRequiredService<IOptionsMonitor<OpenIddictServerOptions>>().CurrentValue;
+
+                            return options.EnableDegradedMode ?
+                                new ValidateScopes() :
+                                new ValidateScopes(provider.GetService<IOpenIddictScopeManager>() ??
+                                    throw new InvalidOperationException(SR.GetResourceString(SR.ID0016)));
+                        })
                        .SetOrder(ValidateClientIdParameter.Descriptor.Order + 1_000)
                        .SetType(OpenIddictServerHandlerType.BuiltIn)
                        .Build();
--- a/src/OpenIddict.Server/OpenIddictServerHandlers.Exchange.cs
+++ b/src/OpenIddict.Server/OpenIddictServerHandlers.Exchange.cs
@ -7,17 +7,19 @@
 using System;
 using System.Collections.Generic;
 using System.Collections.Immutable;
+using System.Diagnostics;
 using System.Security.Cryptography;
 using System.Text;
 using System.Threading.Tasks;
+using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
 using Microsoft.IdentityModel.Tokens;
 using OpenIddict.Abstractions;
 using static OpenIddict.Abstractions.OpenIddictConstants;
 using static OpenIddict.Server.OpenIddictServerEvents;
 using static OpenIddict.Server.OpenIddictServerHandlerFilters;
 using SR = OpenIddict.Abstractions.OpenIddictResources;
-using System.Diagnostics;

 #if !SUPPORTS_TIME_CONSTANT_COMPARISONS
 using Org.BouncyCastle.Utilities;
@ -712,7 +714,17 @@ namespace OpenIddict.Server
                public static OpenIddictServerHandlerDescriptor Descriptor { get; }
                    = OpenIddictServerHandlerDescriptor.CreateBuilder<ValidateTokenRequestContext>()
                        .AddFilter<RequireScopeValidationEnabled>()
-                        .UseScopedHandler<ValidateScopes>()
+                        .UseScopedHandler<ValidateScopes>(provider =>
+                        {
+                            // Note: the scope manager is only resolved if the degraded mode was not enabled to ensure
+                            // invalid core configuration exceptions are not thrown even if the managers were registered.
+                            var options = provider.GetRequiredService<IOptionsMonitor<OpenIddictServerOptions>>().CurrentValue;
+
+                            return options.EnableDegradedMode ?
+                                new ValidateScopes() :
+                                new ValidateScopes(provider.GetService<IOpenIddictScopeManager>() ??
+                                    throw new InvalidOperationException(SR.GetResourceString(SR.ID0016)));
+                        })
                        .SetOrder(ValidateProofKeyForCodeExchangeParameters.Descriptor.Order + 1_000)
                        .SetType(OpenIddictServerHandlerType.BuiltIn)
                        .Build();
--- a/src/OpenIddict.Validation/OpenIddictValidationHandlerDescriptor.cs
+++ b/src/OpenIddict.Validation/OpenIddictValidationHandlerDescriptor.cs
@ -180,6 +180,24 @@ namespace OpenIddict.Validation
                => SetServiceDescriptor(new ServiceDescriptor(
                    typeof(THandler), typeof(THandler), ServiceLifetime.Scoped));

+            /// <summary>
+            /// Configures the descriptor to use the specified scoped handler.
+            /// </summary>
+            /// <typeparam name="THandler">The handler type.</typeparam>
+            /// <param name="factory">The factory used to create the handler.</param>
+            /// <returns>The builder instance, so that calls can be easily chained.</returns>
+            public Builder<TContext> UseScopedHandler<THandler>(Func<IServiceProvider, object> factory)
+                where THandler : IOpenIddictValidationHandler<TContext>
+            {
+                if (factory is null)
+                {
+                    throw new ArgumentNullException(nameof(factory));
+                }
+
+                return SetServiceDescriptor(new ServiceDescriptor(
+                    typeof(THandler), factory, ServiceLifetime.Scoped));
+            }
+
            /// <summary>
            /// Configures the descriptor to use the specified singleton handler.
            /// </summary>
@ -190,6 +208,24 @@ namespace OpenIddict.Validation
                => SetServiceDescriptor(new ServiceDescriptor(
                    typeof(THandler), typeof(THandler), ServiceLifetime.Singleton));

+            /// <summary>
+            /// Configures the descriptor to use the specified singleton handler.
+            /// </summary>
+            /// <typeparam name="THandler">The handler type.</typeparam>
+            /// <param name="factory">The factory used to create the handler.</param>
+            /// <returns>The builder instance, so that calls can be easily chained.</returns>
+            public Builder<TContext> UseSingletonHandler<THandler>(Func<IServiceProvider, object> factory)
+                where THandler : IOpenIddictValidationHandler<TContext>
+            {
+                if (factory is null)
+                {
+                    throw new ArgumentNullException(nameof(factory));
+                }
+
+                return SetServiceDescriptor(new ServiceDescriptor(
+                    typeof(THandler), factory, ServiceLifetime.Singleton));
+            }
+
            /// <summary>
            /// Configures the descriptor to use the specified singleton handler.
            /// </summary>