();
27 | }
28 |
--------------------------------------------------------------------------------
/access-token-management/src/AccessTokenManagement.OpenIdConnect/UserTokenRequestParameters.cs:
--------------------------------------------------------------------------------
1 | // Copyright (c) Duende Software. All rights reserved.
2 | // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
3 |
4 |
5 |
6 | namespace Duende.AccessTokenManagement.OpenIdConnect;
7 |
8 | ///
9 | /// Additional optional per request parameters for a user access token request
10 | ///
11 | public sealed record UserTokenRequestParameters : TokenRequestParameters
12 | {
13 | ///
14 | /// Overrides the default sign-in scheme. This information may be used for state management.
15 | ///
16 | public Scheme? SignInScheme { get; set; }
17 |
18 | ///
19 | /// Overrides the default challenge scheme. This information may be used for deriving token service configuration.
20 | ///
21 | public Scheme? ChallengeScheme { get; set; }
22 | }
23 |
--------------------------------------------------------------------------------
/identity-model/src/IdentityModel/Client/Messages/DynamicClientRegistrationRequest.cs:
--------------------------------------------------------------------------------
1 | // Copyright (c) Duende Software. All rights reserved.
2 | // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
3 |
4 | namespace Duende.IdentityModel.Client;
5 |
6 | ///
7 | /// Request for dynamic client registration
8 | ///
9 | ///
10 | public class DynamicClientRegistrationRequest : ProtocolRequest
11 | {
12 | ///
13 | /// Gets or sets the token.
14 | ///
15 | ///
16 | /// The token.
17 | ///
18 | public string? Token { get; set; }
19 |
20 | ///
21 | /// Gets or sets the registration request.
22 | ///
23 | ///
24 | /// The registration request.
25 | ///
26 | public DynamicClientRegistrationDocument Document { get; set; } = default!;
27 | }
28 |
--------------------------------------------------------------------------------
/access-token-management/src/AccessTokenManagement/ServiceProviderKeys.cs:
--------------------------------------------------------------------------------
1 | // Copyright (c) Duende Software. All rights reserved.
2 | // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
3 |
4 | namespace Duende.AccessTokenManagement;
5 |
6 | ///
7 | /// Keys that are used to inject different implementations into a specific service.
8 | ///
9 | public static class ServiceProviderKeys
10 | {
11 | ///
12 | /// Key for the client credentials token cache. Use this to inject a different cache implementation into the client credentials token cache.
13 | ///
14 | public const string ClientCredentialsTokenCache = "ClientCredentialsTokenCache";
15 |
16 | ///
17 | /// Key for the DPoP nonce store. Use this to inject a different cache into the DPoP nonce store.
18 | ///
19 | public const string DPoPNonceStore = "DPoPNonceStore";
20 | }
21 |
--------------------------------------------------------------------------------
/identity-model/samples/HttpClientFactory/Views/Shared/Error.cshtml:
--------------------------------------------------------------------------------
1 | @model ErrorViewModel
2 | @{
3 | ViewData["Title"] = "Error";
4 | }
5 |
6 | Error.
7 | An error occurred while processing your request.
8 |
9 | @if (Model.ShowRequestId)
10 | {
11 |
12 | Request ID: @Model.RequestId
13 |
14 | }
15 |
16 | Development Mode
17 |
18 | Swapping to Development environment will display more detailed information about the error that occurred.
19 |
20 |
21 | Development environment should not be enabled in deployed applications, as it can result in sensitive information from exceptions being displayed to end users. For local debugging, development environment can be enabled by setting the ASPNETCORE_ENVIRONMENT environment variable to Development, and restarting the application.
22 |
23 |
--------------------------------------------------------------------------------
/identity-model-oidc-client/test/IdentityModel.OidcClient.Tests/DPoP/Framework/DPoP/IReplayCache.cs:
--------------------------------------------------------------------------------
1 | // Copyright (c) Duende Software. All rights reserved.
2 | // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
3 |
4 | namespace Duende.IdentityModel.OidcClient.DPoP.Framework.DPoP;
5 |
6 | public interface IReplayCache
7 | {
8 | ///
9 | /// Adds a handle to the cache
10 | ///
11 | ///
12 | ///
13 | ///
14 | ///
15 | Task AddAsync(string purpose, string handle, DateTimeOffset expiration);
16 |
17 |
18 | ///
19 | /// Checks if a cached handle exists
20 | ///
21 | ///
22 | ///
23 | ///
24 | Task ExistsAsync(string purpose, string handle);
25 | }
26 |
--------------------------------------------------------------------------------
/access-token-management/src/AccessTokenManagement/IClientAssertionService.cs:
--------------------------------------------------------------------------------
1 | // Copyright (c) Duende Software. All rights reserved.
2 | // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
3 |
4 | using Duende.IdentityModel.Client;
5 |
6 | namespace Duende.AccessTokenManagement;
7 |
8 | ///
9 | /// Service to create client assertions for back-channel clients
10 | ///
11 | public interface IClientAssertionService
12 | {
13 | ///
14 | /// Creates a client assertion based on client or configuration scheme (if present)
15 | ///
16 | ///
17 | ///
18 | ///
19 | ///
20 | Task GetClientAssertionAsync(
21 | ClientCredentialsClientName? clientName = null,
22 | TokenRequestParameters? parameters = null,
23 | CT ct = default);
24 | }
25 |
--------------------------------------------------------------------------------
/access-token-management/test/AccessTokenManagement.Tests/TokenRequestCustomizer/HttpResponseMessageExtensions.cs:
--------------------------------------------------------------------------------
1 | // Copyright (c) Duende Software. All rights reserved.
2 | // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
3 |
4 | using System.IdentityModel.Tokens.Jwt;
5 | using Duende.AccessTokenManagement.Framework;
6 |
7 | namespace Duende.AccessTokenManagement.TokenRequestCustomizer;
8 |
9 | internal static class HttpResponseMessageExtensions
10 | {
11 | internal static JwtSecurityToken ParseTokenFromResponse(this HttpResponseMessage response)
12 | {
13 | var result = response.Content.ReadAsStringAsync().Result;
14 | var tokenResult = System.Text.Json.JsonSerializer.Deserialize(result);
15 | var tokenHandler = new JwtSecurityTokenHandler();
16 | var token = tokenHandler.ReadJwtToken(tokenResult!.token.Replace("Bearer ", string.Empty));
17 | return token;
18 | }
19 | }
20 |
--------------------------------------------------------------------------------
/identity-model-oidc-client/src/IdentityModel.OidcClient/Infrastructure/OidcClientOptionsExtensions.cs:
--------------------------------------------------------------------------------
1 | // Copyright (c) Duende Software. All rights reserved.
2 | // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
3 |
4 | namespace Duende.IdentityModel.OidcClient.Infrastructure;
5 |
6 | internal static class OidcClientOptionsExtensions
7 | {
8 | public static HttpClient CreateClient(this OidcClientOptions options)
9 | {
10 | if (options.HttpClientFactory != null)
11 | {
12 | return options.HttpClientFactory(options);
13 | }
14 |
15 | HttpClient client;
16 |
17 | if (options.BackchannelHandler != null)
18 | {
19 | client = new HttpClient(options.BackchannelHandler);
20 | }
21 | else
22 | {
23 | client = new HttpClient();
24 | }
25 |
26 | client.Timeout = options.BackchannelTimeout;
27 | return client;
28 | }
29 | }
30 |
--------------------------------------------------------------------------------
/identity-model-oidc-client/test/IdentityModel.OidcClient.Tests/DPoP/Framework/IntegrationTestBase.cs:
--------------------------------------------------------------------------------
1 | // Copyright (c) Duende Software. All rights reserved.
2 | // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
3 |
4 | namespace Duende.IdentityModel.OidcClient.DPoP.Framework;
5 |
6 | public class IntegrationTestBase : IAsyncLifetime
7 | {
8 | protected readonly IdentityServerHost IdentityServerHost;
9 | protected ApiHost ApiHost;
10 |
11 | public IntegrationTestBase()
12 | {
13 | IdentityServerHost = new IdentityServerHost();
14 | ApiHost = new ApiHost(IdentityServerHost);
15 | }
16 |
17 | public async ValueTask DisposeAsync()
18 | {
19 | await ApiHost.DisposeAsync();
20 | await IdentityServerHost.DisposeAsync();
21 | }
22 |
23 | public async ValueTask InitializeAsync()
24 | {
25 | await ApiHost.InitializeAsync();
26 | await IdentityServerHost.InitializeAsync();
27 | }
28 | }
29 |
--------------------------------------------------------------------------------
/identity-model/src/IdentityModel/Client/BasicAuthenticationHeaderStyle.cs:
--------------------------------------------------------------------------------
1 | // Copyright (c) Duende Software. All rights reserved.
2 | // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
3 |
4 | namespace Duende.IdentityModel.Client;
5 |
6 | ///
7 | /// Enum for specifying then encoding style of the basic authentication header
8 | ///
9 | public enum BasicAuthenticationHeaderStyle
10 | {
11 | ///
12 | /// Recommended. Uses the encoding as described in the OAuth 2.0 spec (https://tools.ietf.org/html/rfc6749#section-2.3.1). Base64(urlformencode(client_id) + ":" + urlformencode(client_secret))
13 | ///
14 | Rfc6749,
15 | ///
16 | /// Uses the encoding as described in the original basic authentication spec (https://tools.ietf.org/html/rfc2617#section-2 - used by some non-OAuth 2.0 compliant authorization servers). Base64(client_id + ":" + client_secret).
17 | ///
18 | Rfc2617
19 | }
20 |
--------------------------------------------------------------------------------
/identity-model/src/IdentityModel/Client/Messages/BackchannelAuthenticationTokenRequest.cs:
--------------------------------------------------------------------------------
1 | // Copyright (c) Duende Software. All rights reserved.
2 | // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
3 |
4 | namespace Duende.IdentityModel.Client;
5 |
6 | ///
7 | /// Request for token using urn:openid:params:grant-type:ciba grant type
8 | ///
9 | ///
10 | public class BackchannelAuthenticationTokenRequest : TokenRequest
11 | {
12 | ///
13 | /// REQUIRED. It is the unique identifier to identify the authentication request (transaction) made by the Client.
14 | ///
15 | public string AuthenticationRequestId { get; set; } = default!;
16 |
17 | ///
18 | /// List of requested resources
19 | ///
20 | ///
21 | /// The resources.
22 | ///
23 | public ICollection Resource { get; set; } = new HashSet();
24 | }
25 |
--------------------------------------------------------------------------------
/identity-model/src/IdentityModel/Internal/AsyncLazy.cs:
--------------------------------------------------------------------------------
1 | // Copyright (c) Duende Software. All rights reserved.
2 | // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
3 |
4 | namespace Duende.IdentityModel.Internal;
5 |
6 | internal class AsyncLazy : Lazy>
7 | {
8 | public AsyncLazy(Func> taskFactory) :
9 | base(() => GetTaskAsync(taskFactory).Unwrap())
10 | { }
11 |
12 | private static async Task> GetTaskAsync(Func> taskFactory)
13 | {
14 | if (TaskHelpers.CanFactoryStartNew)
15 | {
16 | // Runs the task factory in a background thread and retrieves the resulting task.
17 | return Task>.Factory.StartNew(taskFactory).Unwrap();
18 | }
19 | else
20 | {
21 | // Let the task factory run synchronously in its own context.
22 | await Task.Yield();
23 |
24 | return taskFactory();
25 | }
26 | }
27 | }
28 |
--------------------------------------------------------------------------------
/access-token-management/src/AccessTokenManagement.OpenIdConnect/Internal/HttpContextUserAccessor.cs:
--------------------------------------------------------------------------------
1 | // Copyright (c) Duende Software. All rights reserved.
2 | // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
3 |
4 | using System.Security.Claims;
5 | using Microsoft.AspNetCore.Http;
6 |
7 | namespace Duende.AccessTokenManagement.OpenIdConnect.Internal;
8 |
9 | ///
10 | /// Accesses the current principal based on the HttpContext.User.
11 | ///
12 | internal class HttpContextUserAccessor : IUserAccessor
13 | {
14 | private readonly IHttpContextAccessor _httpContextAccessor;
15 |
16 | ///
17 | /// ctor
18 | ///
19 | public HttpContextUserAccessor(IHttpContextAccessor httpContextAccessor) => _httpContextAccessor = httpContextAccessor;
20 |
21 | ///
22 | public Task GetCurrentUserAsync(CT ct = default) => Task.FromResult(_httpContextAccessor.HttpContext?.User ?? new ClaimsPrincipal());
23 | }
24 |
--------------------------------------------------------------------------------
/access-token-management/test/AccessTokenManagement.Tests/Framework/TestClientAssertionService.cs:
--------------------------------------------------------------------------------
1 | // Copyright (c) Duende Software. All rights reserved.
2 | // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
3 |
4 |
5 | using Duende.IdentityModel.Client;
6 |
7 | namespace Duende.AccessTokenManagement.Framework;
8 |
9 | public class TestClientAssertionService(string name, string assertionType, string assertionValue)
10 | : IClientAssertionService
11 | {
12 | public Task GetClientAssertionAsync(ClientCredentialsClientName? clientName = null, TokenRequestParameters? parameters = null, CancellationToken ct = default)
13 | {
14 | if (clientName == name)
15 | {
16 | return Task.FromResult(new()
17 | {
18 | Type = assertionType,
19 | Value = assertionValue
20 | });
21 | }
22 |
23 | return Task.FromResult(null);
24 | }
25 | }
26 |
--------------------------------------------------------------------------------
/introspection/src/AspNetCore.Authentication.OAuth2Introspection/AspNetCore.Authentication.OAuth2Introspection.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 | net8.0;net9.0;net10.0
4 | Duende.AspNetCore.Authentication.OAuth2Introspection
5 | Duende.AspNetCore.Authentication.OAuth2Introspection
6 | Duende.AspNetCore.Authentication.OAuth2Introspection
7 | ASP.NET Core authentication handler for validating tokens using OAuth 2.0 introspection
8 | OAuth2;OAuth 2.0;Introspection;Security;Identity;IdentityServer
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
--------------------------------------------------------------------------------
/access-token-management/src/AccessTokenManagement/DPoP/Internal/DefaultDPoPKeyStore.cs:
--------------------------------------------------------------------------------
1 | // Copyright (c) Duende Software. All rights reserved.
2 | // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
3 |
4 | using Microsoft.Extensions.Options;
5 |
6 | namespace Duende.AccessTokenManagement.DPoP.Internal;
7 |
8 | ///
9 | /// Default implementation, which reads the dpop key from the client configuration.
10 | ///
11 | internal class DefaultDPoPKeyStore(IOptionsMonitor options) : IDPoPKeyStore
12 | {
13 | ///
14 | public virtual Task GetKeyAsync(ClientCredentialsClientName clientName,
15 | CT ct = default)
16 | {
17 | var client = options.Get(clientName.ToString());
18 |
19 |
20 | if (client.DPoPJsonWebKey == null)
21 | {
22 | return Task.FromResult(null);
23 | }
24 |
25 | return Task.FromResult(client.DPoPJsonWebKey);
26 | }
27 | }
28 |
--------------------------------------------------------------------------------
/identity-model/samples/HttpClientFactory/wwwroot/css/site.css:
--------------------------------------------------------------------------------
1 | /* Please see documentation at https://docs.microsoft.com/aspnet/core/client-side/bundling-and-minification\
2 | for details on configuring this project to bundle and minify static web assets. */
3 | body {
4 | padding-top: 50px;
5 | padding-bottom: 20px;
6 | }
7 |
8 | /* Wrapping element */
9 | /* Set some basic padding to keep content from hitting the edges */
10 | .body-content {
11 | padding-left: 15px;
12 | padding-right: 15px;
13 | }
14 |
15 | /* Carousel */
16 | .carousel-caption p {
17 | font-size: 20px;
18 | line-height: 1.4;
19 | }
20 |
21 | /* Make .svg files in the carousel display properly in older browsers */
22 | .carousel-inner .item img[src$=".svg"] {
23 | width: 100%;
24 | }
25 |
26 | /* QR code generator */
27 | #qrCode {
28 | margin: 15px;
29 | }
30 |
31 | /* Hide/rearrange for smaller screens */
32 | @media screen and (max-width: 767px) {
33 | /* Hide captions */
34 | .carousel-caption {
35 | display: none;
36 | }
37 | }
38 |
--------------------------------------------------------------------------------
/identity-model/test/IdentityModel.Tests/documents/success_introspection_response.jwt:
--------------------------------------------------------------------------------
1 | eyJraWQiOiJ3RzZEIiwidHlwIjoidG9rZW4taW50cm9zcGVjdGlvbitqd3QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2FzLmV4YW1wbGUuY29tLyIsImF1ZCI6Imh0dHBzOi8vcnMuZXhhbXBsZS5jb20vcmVzb3VyY2UiLCJpYXQiOjE1MTQ3OTc4OTIsInRva2VuX2ludHJvc3BlY3Rpb24iOnsiYWN0aXZlIjp0cnVlLCJpc3MiOiJodHRwczovL2FzLmV4YW1wbGUuY29tLyIsImF1ZCI6Imh0dHBzOi8vcnMuZXhhbXBsZS5jb20vcmVzb3VyY2UiLCJpYXQiOjE1MTQ3OTc4MjIsImV4cCI6MTUxNDc5Nzk0MiwiY2xpZW50X2lkIjoicGFpQjJnb28wYSIsInNjb3BlIjoicmVhZCB3cml0ZSBkb2xwaGluIiwic3ViIjoiWjVPM3VwUEM4OFFyQWp4MDBkaXMiLCJiaXJ0aGRhdGUiOiIxOTgyLTAyLTAxIiwiZ2l2ZW5fbmFtZSI6IkpvaG4iLCJmYW1pbHlfbmFtZSI6IkRvZSIsImp0aSI6InQxRm9DQ2FaZDRYdjRPUkpVV1ZVZVRaZnNLaFczMENRQ3JXRERqd1h5NncifX0.przJMU5GhmNzvwtt1Sr-xa9xTkpiAg5IshbQsRiRVP_7eGR1GHYrNwQh84kxOkHCyje2g5WSRcYosGEVIiC-eoPJJ-qBwqwSlgx9JEeCDw2W5DjrblOI_N0Jvsq_dUeOyoWVMqlOydOBhKNY0smBrI4NZvEExucOm9WUJXMuJtvq1gBes-0go5j4TEv9sOP9uu81gqWTr_LOo6pgT0tFFyZfWC4kbXPXiQ2YT6mxCiQRRNM-l9cBdF6Jx6IOrsfFhBuYdYQ_mlL19HgDDOFaleyqmru6lKlASOsaE8dmLSeKcX91FbG79FKN8un24iwIDCbKT9xlUFl54xWVShNDFA
2 |
--------------------------------------------------------------------------------
/introspection/src/AspNetCore.Authentication.OAuth2Introspection/Context/SendingRequestContext.cs:
--------------------------------------------------------------------------------
1 | // Copyright (c) Duende Software. All rights reserved.
2 | // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
3 |
4 | using Duende.IdentityModel.Client;
5 | using Microsoft.AspNetCore.Authentication;
6 | using Microsoft.AspNetCore.Http;
7 |
8 | namespace Duende.AspNetCore.Authentication.OAuth2Introspection.Context;
9 |
10 | ///
11 | /// Context for the SendingRequest event
12 | ///
13 | public class SendingRequestContext(
14 | HttpContext context,
15 | AuthenticationScheme scheme,
16 | OAuth2IntrospectionOptions options,
17 | TokenIntrospectionRequest tokenIntrospectionRequest)
18 | : BaseContext(context, scheme, options)
19 | {
20 | ///
21 | /// The request
22 | ///
23 | public TokenIntrospectionRequest TokenIntrospectionRequest => tokenIntrospectionRequest;
24 | }
25 |
--------------------------------------------------------------------------------
/identity-model/src/IdentityModel/Client/Messages/ResponseErrorType.cs:
--------------------------------------------------------------------------------
1 | // Copyright (c) Duende Software. All rights reserved.
2 | // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
3 |
4 | namespace Duende.IdentityModel.Client;
5 |
6 | ///
7 | /// Various reasons for a protocol endpoint error
8 | ///
9 | public enum ResponseErrorType
10 | {
11 | ///
12 | /// none
13 | ///
14 | None,
15 |
16 | ///
17 | /// protocol related - valid response, but some protocol level error.
18 | ///
19 | Protocol,
20 |
21 | ///
22 | /// HTTP error - e.g. 404.
23 | ///
24 | Http,
25 |
26 | ///
27 | /// An exception occurred - exception while connecting to the endpoint, e.g. TLS problems.
28 | ///
29 | Exception,
30 |
31 | ///
32 | /// A policy violation - a configured policy was violated.
33 | ///
34 | PolicyViolation
35 | }
36 |
--------------------------------------------------------------------------------
/identity-model-oidc-client/samples/Maui/MauiApp1/MauiApp1/Platforms/Windows/App.xaml.cs:
--------------------------------------------------------------------------------
1 | // Copyright (c) Duende Software. All rights reserved.
2 | // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
3 |
4 | using Microsoft.UI.Xaml;
5 |
6 | // To learn more about WinUI, the WinUI project structure,
7 | // and more about our project templates, see: http://aka.ms/winui-project-info.
8 |
9 | namespace MauiApp1.WinUI;
10 | ///
11 | /// Provides application-specific behavior to supplement the default Application class.
12 | ///
13 | public partial class App : MauiWinUIApplication
14 | {
15 | ///
16 | /// Initializes the singleton application object. This is the first line of authored code
17 | /// executed, and as such is the logical equivalent of main() or WinMain().
18 | ///
19 | public App()
20 | {
21 | this.InitializeComponent();
22 | }
23 |
24 | protected override MauiApp CreateMauiApp() => MauiProgram.CreateMauiApp();
25 | }
26 |
27 |
--------------------------------------------------------------------------------
/access-token-management/samples/BlazorServer/Plumbing/AccountController.cs:
--------------------------------------------------------------------------------
1 | // Copyright (c) Duende Software. All rights reserved.
2 | // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
3 |
4 | using Microsoft.AspNetCore.Authentication;
5 | using Microsoft.AspNetCore.Authorization;
6 | using Microsoft.AspNetCore.Mvc;
7 |
8 | namespace BlazorServer.Plumbing;
9 |
10 | [AllowAnonymous]
11 | public class AccountController : ControllerBase
12 | {
13 | public IActionResult LogIn(string? returnUrl)
14 | {
15 | var redirectUri = "/";
16 |
17 | if (!string.IsNullOrWhiteSpace(returnUrl))
18 | {
19 | if (Url.IsLocalUrl(returnUrl))
20 | {
21 | redirectUri = returnUrl;
22 | }
23 | }
24 |
25 | var props = new AuthenticationProperties
26 | {
27 | RedirectUri = redirectUri
28 | };
29 |
30 | return Challenge(props);
31 | }
32 |
33 | public IActionResult LogOut() => SignOut("cookie", "oidc");
34 | }
35 |
--------------------------------------------------------------------------------
/access-token-management/src/AccessTokenManagement.OpenIdConnect/Internal/CircuitServicesServiceCollectionExtensions.cs:
--------------------------------------------------------------------------------
1 | // Copyright (c) Duende Software. All rights reserved.
2 | // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
3 |
4 | using Microsoft.AspNetCore.Components.Server.Circuits;
5 | using Microsoft.Extensions.DependencyInjection;
6 |
7 | namespace Duende.AccessTokenManagement.OpenIdConnect.Internal;
8 |
9 | // This code is from the blazor documentation:
10 | // https://learn.microsoft.com/en-us/aspnet/core/blazor/fundamentals/dependency-injection?view=aspnetcore-8.0#access-server-side-blazor-services-from-a-different-di-scope
11 |
12 | internal static class CircuitServicesServiceCollectionExtensions
13 | {
14 | public static IServiceCollection AddCircuitServicesAccessor(
15 | this IServiceCollection services)
16 | {
17 | services.AddScoped();
18 | services.AddScoped();
19 |
20 | return services;
21 | }
22 | }
23 |
--------------------------------------------------------------------------------
/access-token-management/samples/WebJarJwt/Views/Home/Secure.cshtml:
--------------------------------------------------------------------------------
1 | @using Microsoft.AspNetCore.Authentication
2 |
3 | Call API as User
4 |
5 | Manual
6 | |
7 | Extension method
8 | |
9 | HTTP client factory
10 | |
11 | HTTP client factory (typed)
12 |
13 | Call API as Client
14 |
15 | Extension method
16 | |
17 | HTTP client factory
18 | |
19 | HTTP client factory (typed)
20 |
21 |
22 | Claims
23 |
24 |
25 | @foreach (var claim in User.Claims)
26 | {
27 | - @claim.Type
28 | - @claim.Value
29 | }
30 |
31 |
32 | Properties
33 |
34 |
35 | @foreach (var prop in (await Context!.AuthenticateAsync())!.Properties!.Items)
36 | {
37 | - @prop.Key
38 | - @prop.Value
39 | }
40 |
41 |
--------------------------------------------------------------------------------
/access-token-management/src/AccessTokenManagement/Internal/Crypto.cs:
--------------------------------------------------------------------------------
1 | // Copyright (c) Duende Software. All rights reserved.
2 | // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
3 |
4 | using System.Buffers.Text;
5 | using System.Security.Cryptography;
6 | using System.Text;
7 |
8 | namespace Duende.AccessTokenManagement.Internal;
9 |
10 | internal static class Crypto
11 | {
12 | ///
13 | /// Simple hashing algorithm that should only be used to obfuscate ephemeral data in a deterministic way
14 | /// in logs, not for storing passwords
15 | ///
16 | /// The data to hash
17 | /// Hash of the incoming data.
18 | public static string HashData(string data)
19 | {
20 | using var sha = SHA256.Create();
21 | var hash = sha.ComputeHash(Encoding.ASCII.GetBytes(data));
22 |
23 | var leftPart = new byte[16];
24 | Array.Copy(hash, leftPart, 16);
25 |
26 | return Base64Url.EncodeToString(leftPart);
27 | }
28 | }
29 |
--------------------------------------------------------------------------------
/identity-model-oidc-client/src/IdentityModel.OidcClient/LogoutResult.cs:
--------------------------------------------------------------------------------
1 | // Copyright (c) Duende Software. All rights reserved.
2 | // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
3 |
4 | namespace Duende.IdentityModel.OidcClient;
5 |
6 | ///
7 | /// Models the result of a logout
8 | ///
9 | ///
10 | public class LogoutResult : Result
11 | {
12 | ///
13 | /// Initializes a new instance of the class.
14 | ///
15 | public LogoutResult()
16 | {
17 | }
18 |
19 | ///
20 | /// Initializes a new instance of the class.
21 | ///
22 | /// The error.
23 | public LogoutResult(string error) => Error = error;
24 |
25 | ///
26 | /// Gets or sets the response.
27 | ///
28 | ///
29 | /// The response.
30 | ///
31 | public string Response { get; set; }
32 | }
33 |
--------------------------------------------------------------------------------
/test.props:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | $(NoWarn);1591
5 | latest
6 | full
7 | false
8 | true
9 | true
10 | enable
11 | true
12 | $(NoWarn);NU1507
13 | true
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
--------------------------------------------------------------------------------