/*
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
* See https://github.com/openiddict/openiddict-core for more information concerning
* the license and the contributors participating to this project.
*/
using System;
using System.Collections.Generic;
using System.Security.Claims;
using JetBrains.Annotations;
using System.Text.Json;
using OpenIddict.Abstractions;
namespace OpenIddict.Server
{
public static partial class OpenIddictServerEvents
{
///
/// Represents an event called for each request to the userinfo endpoint to give the user code
/// a chance to manually extract the userinfo request from the ambient HTTP context.
///
public class ExtractUserinfoRequestContext : BaseValidatingContext
{
///
/// Creates a new instance of the class.
///
public ExtractUserinfoRequestContext([NotNull] OpenIddictServerTransaction transaction)
: base(transaction)
{
}
}
///
/// Represents an event called for each request to the userinfo endpoint
/// to determine if the request is valid and should continue to be processed.
///
public class ValidateUserinfoRequestContext : BaseValidatingContext
{
///
/// Creates a new instance of the class.
///
public ValidateUserinfoRequestContext([NotNull] OpenIddictServerTransaction transaction)
: base(transaction)
{
}
///
/// Gets or sets the security principal extracted from the access token, if available.
///
public ClaimsPrincipal Principal { get; set; }
}
///
/// Represents an event called for each validated userinfo request
/// to allow the user code to decide how the request should be handled.
///
public class HandleUserinfoRequestContext : BaseValidatingContext
{
///
/// Creates a new instance of the class.
///
public HandleUserinfoRequestContext([NotNull] OpenIddictServerTransaction transaction)
: base(transaction)
{
}
///
/// Gets or sets the security principal extracted from the access token.
///
public ClaimsPrincipal Principal { get; set; }
///
/// Gets the additional claims returned to the client application.
///
public IDictionary Claims { get; } =
new Dictionary(StringComparer.Ordinal);
///
/// Gets or sets the value used for the "address" claim.
/// Note: this value should only be populated if the "address"
/// scope was requested and accepted by the resource owner.
///
public JsonElement Address { get; set; }
///
/// Gets or sets the values used for the "aud" claim.
///
public HashSet Audiences { get; } = new HashSet(StringComparer.Ordinal);
///
/// Gets or sets the value used for the "birthdate" claim.
/// Note: this value should only be populated if the "profile"
/// scope was requested and accepted by the resource owner.
///
public string BirthDate { get; set; }
///
/// Gets or sets the value used for the "email" claim.
/// Note: this value should only be populated if the "email"
/// scope was requested and accepted by the resource owner.
///
public string Email { get; set; }
///
/// Gets or sets the value used for the "email_verified" claim.
/// Note: this value should only be populated if the "email"
/// scope was requested and accepted by the resource owner.
///
public bool? EmailVerified { get; set; }
///
/// Gets or sets the value used for the "family_name" claim.
/// Note: this value should only be populated if the "profile"
/// scope was requested and accepted by the resource owner.
///
public string FamilyName { get; set; }
///
/// Gets or sets the value used for the "given_name" claim.
/// Note: this value should only be populated if the "profile"
/// scope was requested and accepted by the resource owner.
///
public string GivenName { get; set; }
///
/// Gets or sets the value used for the "phone_number" claim.
/// Note: this value should only be populated if the "phone"
/// scope was requested and accepted by the resource owner.
///
public string PhoneNumber { get; set; }
///
/// Gets or sets the value used for the "phone_number_verified" claim.
/// Note: this value should only be populated if the "phone"
/// scope was requested and accepted by the resource owner.
///
public bool? PhoneNumberVerified { get; set; }
///
/// Gets or sets the value used for the "preferred_username" claim.
/// Note: this value should only be populated if the "profile"
/// scope was requested and accepted by the resource owner.
///
public string PreferredUsername { get; set; }
///
/// Gets or sets the value used for the "profile" claim.
/// Note: this value should only be populated if the "profile"
/// scope was requested and accepted by the resource owner.
///
public string Profile { get; set; }
///
/// Gets or sets the unique value
/// used for the mandatory "sub" claim.
///
public string Subject { get; set; }
///
/// Gets or sets the value used for the "website" claim.
/// Note: this value should only be populated if the "profile"
/// scope was requested and accepted by the resource owner.
///
public string Website { get; set; }
}
///
/// Represents an event called before the userinfo response is returned to the caller.
///
public class ApplyUserinfoResponseContext : BaseRequestContext
{
///
/// Creates a new instance of the class.
///
public ApplyUserinfoResponseContext([NotNull] OpenIddictServerTransaction transaction)
: base(transaction)
{
}
///
/// Gets the error code returned to the client application.
/// When the response indicates a successful response,
/// this property returns null.
///
public string Error => Response.Error;
}
}
}