Teknikode
/
Teknik
Watch 3
Star 17
Fork 4
Code Issues 38 Pull Requests 0 Releases 3 Wiki Activity
The next generation of the Teknik Services. Written in ASP.NET. https://www.teknik.io/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
747 Commits
2 Branches
Tree: be5d5a49aa
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'be5d5a49aa'
${ noResults }
Teknik/IdentityServer/Controllers/ManageController.cs

ManageController.cs 29KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713 
  1. using System;

  2. using System.Collections.Generic;

  3. using System.Linq;

  4. using System.Text;

  5. using System.Threading.Tasks;

  6. using IdentityServer4;

  7. using IdentityServer4.Configuration;

  8. using IdentityServer4.EntityFramework.DbContexts;

  9. using IdentityServer4.EntityFramework.Entities;

  10. using IdentityServer4.EntityFramework.Mappers;

  11. using IdentityServer4.Models;

  12. using IdentityServer4.Services;

  13. using IdentityServer4.Stores;

  14. using Microsoft.AspNetCore.Authorization;

  15. using Microsoft.AspNetCore.Identity;

  16. using Microsoft.AspNetCore.Mvc;

  17. using Microsoft.EntityFrameworkCore;

  18. using Microsoft.EntityFrameworkCore.Internal;

  19. using Microsoft.Extensions.Caching.Memory;

  20. using Microsoft.Extensions.Logging;

  21. using Newtonsoft.Json.Linq;

  22. using Teknik.Configuration;

  23. using Teknik.IdentityServer.Models;

  24. using Teknik.IdentityServer.Models.Manage;

  25. using Teknik.IdentityServer.Services;

  26. using Teknik.Logging;

  27. using Teknik.Utilities;

  28. 

  29. namespace Teknik.IdentityServer.Controllers

  30. {

  31.     [Authorize(Policy = "Internal", AuthenticationSchemes = "Bearer")]

  32.     [Route("[controller]/[action]")]

  33.     [ApiController]

  34.     public class ManageController : DefaultController

  35.     {

  36.         private const string _KeySeparator = ":";

  37.         private const string _UserInfoCacheKey = "UserInfo";

  38. 

  39.         private readonly UserManager<ApplicationUser> _userManager;

  40.         private readonly SignInManager<ApplicationUser> _signInManager;

  41.         private readonly IMemoryCache _cache;

  42. 

  43.         public ManageController(

  44.             ILogger<Logger> logger,

  45.             Config config,

  46.             UserManager<ApplicationUser> userManager,

  47.             SignInManager<ApplicationUser> signInManager,

  48.             IMemoryCache cache) : base(logger, config)

  49.         {

  50.             _userManager = userManager;

  51.             _signInManager = signInManager;

  52.             _cache = cache;

  53.         }

  54. 

  55.         [HttpPost]

  56.         public async Task<IActionResult> CreateUser(NewUserModel model)

  57.         {

  58.             if (string.IsNullOrEmpty(model.Username))

  59.                 return new JsonResult(new { success = false, message = "Username is required" });

  60.             if (string.IsNullOrEmpty(model.Password))

  61.                 return new JsonResult(new { success = false, message = "Password is required" });

  62. 

  63.             var identityUser = new ApplicationUser(model.Username)

  64.             {

  65.                 Id = Guid.NewGuid().ToString(),

  66.                 UserName = model.Username,

  67.                 AccountStatus = model.AccountStatus,

  68.                 AccountType = model.AccountType,

  69.                 Email = model.RecoveryEmail,

  70.                 EmailConfirmed = model.RecoveryVerified,

  71.                 PGPPublicKey = model.PGPPublicKey

  72.             };

  73.             var result = await _userManager.CreateAsync(identityUser, model.Password);

  74.             if (result.Succeeded)

  75.             {

  76.                 return new JsonResult(new { success = true });

  77.             }

  78. 

  79.             return new JsonResult(new { success = false, message = "Unable to create user.", identityErrors = result.Errors });

  80.         }

  81. 

  82.         [HttpPost]

  83.         public async Task<IActionResult> DeleteUser(DeleteUserModel model, [FromServices] ConfigurationDbContext configContext)

  84.         {

  85.             if (string.IsNullOrEmpty(model.Username))

  86.                 return new JsonResult(new { success = false, message = "Username is required" });

  87. 

  88.             var foundUser = await _userManager.FindByNameAsync(model.Username);

  89.             if (foundUser != null)

  90.             {

  91.                 // Find this user's clients

  92.                 var foundClients = configContext.Clients.Where(c =>

  93.                                         c.Properties.Exists(p =>

  94.                                             p.Key == "username" &&

  95.                                             p.Value.ToLower() == model.Username.ToLower())

  96.                                         ).ToList();

  97.                 if (foundClients != null)

  98.                 {

  99.                     configContext.Clients.RemoveRange(foundClients);

  100.                     configContext.SaveChanges();

  101.                 }

  102. 

  103.                 var result = await _userManager.DeleteAsync(foundUser);

  104.                 if (result.Succeeded)

  105.                 {

  106.                     RemoveCachedUser(model.Username);

  107. 

  108.                     return new JsonResult(new { success = true });

  109.                 }

  110.                 else

  111.                     return new JsonResult(new { success = false, message = "Unable to delete user.", identityErrors = result.Errors });

  112.             }

  113. 

  114.             return new JsonResult(new { success = false, message = "User does not exist." });

  115.         }

  116. 

  117.         [HttpGet]

  118.         public async Task<IActionResult> UserExists(string username)

  119.         {

  120.             if (string.IsNullOrEmpty(username))

  121.                 return new JsonResult(new { success = false, message = "Username is required" });

  122.             

  123.             var foundUser = await _userManager.FindByNameAsync(username);

  124.             return new JsonResult(new { success = true, data = foundUser != null });

  125.         }

  126. 

  127.         [HttpGet]

  128.         public async Task<IActionResult> GetUserInfo(string username)

  129.         {

  130.             if (string.IsNullOrEmpty(username))

  131.                 return new JsonResult(new { success = false, message = "Username is required" });

  132. 

  133.             var foundUser = await GetCachedUser(username);

  134.             if (foundUser != null)

  135.             {

  136.                 return new JsonResult(new { success = true, data = foundUser.ToJson() });

  137.             }

  138.             return new JsonResult(new { success = false, message = "User does not exist." });

  139.         }

  140. 

  141.         [HttpPost]

  142.         public async Task<IActionResult> CheckPassword(CheckPasswordModel model)

  143.         {

  144.             if (string.IsNullOrEmpty(model.Username))

  145.                 return new JsonResult(new { success = false, message = "Username is required" });

  146.             if (string.IsNullOrEmpty(model.Password))

  147.                 return new JsonResult(new { success = false, message = "Password is required" });

  148. 

  149.             var foundUser = await _userManager.FindByNameAsync(model.Username);

  150.             if (foundUser != null)

  151.             {

  152.                 bool valid = await _userManager.CheckPasswordAsync(foundUser, model.Password);

  153.                 return new JsonResult(new { success = true, data = valid });

  154.             }

  155. 

  156.             return new JsonResult(new { success = false, message = "User does not exist." });

  157.         }

  158. 

  159.         [HttpPost]

  160.         public async Task<IActionResult> GeneratePasswordResetToken(GeneratePasswordResetTokenModel model)

  161.         {

  162.             if (string.IsNullOrEmpty(model.Username))

  163.                 return new JsonResult(new { success = false, message = "Username is required" });

  164. 

  165.             var foundUser = await _userManager.FindByNameAsync(model.Username);

  166.             if (foundUser != null)

  167.             {

  168.                 string token = await _userManager.GeneratePasswordResetTokenAsync(foundUser);

  169.                 return new JsonResult(new { success = true, data = token });

  170.             }

  171. 

  172.             return new JsonResult(new { success = false, message = "User does not exist." });

  173.         }

  174. 

  175.         [HttpPost]

  176.         public async Task<IActionResult> ResetPassword(ResetPasswordModel model)

  177.         {

  178.             if (string.IsNullOrEmpty(model.Username))

  179.                 return new JsonResult(new { success = false, message = "Username is required" });

  180.             if (string.IsNullOrEmpty(model.Token))

  181.                 return new JsonResult(new { success = false, message = "Token is required" });

  182.             if (string.IsNullOrEmpty(model.Password))

  183.                 return new JsonResult(new { success = false, message = "Password is required" });

  184. 

  185.             var foundUser = await _userManager.FindByNameAsync(model.Username);

  186.             if (foundUser != null)

  187.             {

  188.                 var result = await _userManager.ResetPasswordAsync(foundUser, model.Token, model.Password);

  189.                 if (result.Succeeded)

  190.                     return new JsonResult(new { success = true });

  191.                 else

  192.                     return new JsonResult(new { success = false, message = "Unable to reset password.", identityErrors = result.Errors });

  193.             }

  194. 

  195.             return new JsonResult(new { success = false, message = "User does not exist." });

  196.         }

  197. 

  198.         [HttpPost]

  199.         public async Task<IActionResult> UpdatePassword(UpdatePasswordModel model)

  200.         {

  201.             if (string.IsNullOrEmpty(model.Username))

  202.                 return new JsonResult(new { success = false, message = "Username is required" });

  203.             if (string.IsNullOrEmpty(model.CurrentPassword))

  204.                 return new JsonResult(new { success = false, message = "Current Password is required" });

  205.             if (string.IsNullOrEmpty(model.NewPassword))

  206.                 return new JsonResult(new { success = false, message = "New Password is required" });

  207. 

  208.             var foundUser = await _userManager.FindByNameAsync(model.Username);

  209.             if (foundUser != null)

  210.             {

  211.                 var result = await _userManager.ChangePasswordAsync(foundUser, model.CurrentPassword, model.NewPassword);

  212.                 if (result.Succeeded)

  213.                     return new JsonResult(new { success = true });

  214.                 else

  215.                     return new JsonResult(new { success = false, message = "Unable to update password.", identityErrors = result.Errors });

  216.             }

  217. 

  218.             return new JsonResult(new { success = false, message = "User does not exist." });

  219.         }

  220. 

  221.         [HttpPost]

  222.         public async Task<IActionResult> UpdateEmail(UpdateEmailModel model)

  223.         {

  224.             if (string.IsNullOrEmpty(model.Username))

  225.                 return new JsonResult(new { success = false, message = "Username is required" });

  226. 

  227.             var foundUser = await _userManager.FindByNameAsync(model.Username);

  228.             if (foundUser != null)

  229.             {

  230.                 var result = await _userManager.SetEmailAsync(foundUser, model.Email);

  231.                 if (result.Succeeded)

  232.                 {

  233.                     // Remove the UserInfo Cache

  234.                     RemoveCachedUser(model.Username);

  235. 

  236.                     var token = await _userManager.GenerateEmailConfirmationTokenAsync(foundUser);

  237.                     return new JsonResult(new { success = true, data = token });

  238.                 }

  239.                 else

  240.                     return new JsonResult(new { success = false, message = "Unable to update email address.", identityErrors = result.Errors });

  241.             }

  242. 

  243.             return new JsonResult(new { success = false, message = "User does not exist." });

  244.         }

  245. 

  246.         [HttpPost]

  247.         public async Task<IActionResult> VerifyEmail(VerifyEmailModel model)

  248.         {

  249.             if (string.IsNullOrEmpty(model.Username))

  250.                 return new JsonResult(new { success = false, message = "Username is required" });

  251.             if (string.IsNullOrEmpty(model.Token))

  252.                 return new JsonResult(new { success = false, message = "Token is required" });

  253. 

  254.             var foundUser = await _userManager.FindByNameAsync(model.Username);

  255.             if (foundUser != null)

  256.             {

  257.                 // Remove the UserInfo Cache

  258.                 RemoveCachedUser(model.Username);

  259. 

  260.                 var result = await _userManager.ConfirmEmailAsync(foundUser, model.Token);

  261.                 if (result.Succeeded)

  262.                     return new JsonResult(new { success = true });

  263.                 else

  264.                     return new JsonResult(new { success = false, message = "Unable to verify email address.", identityErrors = result.Errors });

  265.             }

  266. 

  267.             return new JsonResult(new { success = false, message = "User does not exist." });

  268.         }

  269. 

  270.         [HttpPost]

  271.         public async Task<IActionResult> UpdateAccountStatus(UpdateAccountStatusModel model)

  272.         {

  273.             if (string.IsNullOrEmpty(model.Username))

  274.                 return new JsonResult(new { success = false, message = "Username is required" });

  275. 

  276.             var foundUser = await _userManager.FindByNameAsync(model.Username);

  277.             if (foundUser != null)

  278.             {

  279.                 foundUser.AccountStatus = model.AccountStatus;

  280. 

  281.                 var result = await _userManager.UpdateAsync(foundUser);

  282.                 if (result.Succeeded)

  283.                 {

  284.                     // Remove the UserInfo Cache

  285.                     RemoveCachedUser(model.Username);

  286. 

  287.                     return new JsonResult(new { success = true });

  288.                 }

  289.                 else

  290.                     return new JsonResult(new { success = false, message = "Unable to update account status.", identityErrors = result.Errors });

  291.             }

  292. 

  293.             return new JsonResult(new { success = false, message = "User does not exist." });

  294.         }

  295. 

  296.         [HttpPost]

  297.         public async Task<IActionResult> UpdateAccountType(UpdateAccountTypeModel model)

  298.         {

  299.             if (string.IsNullOrEmpty(model.Username))

  300.                 return new JsonResult(new { success = false, message = "Username is required" });

  301. 

  302.             var foundUser = await _userManager.FindByNameAsync(model.Username);

  303.             if (foundUser != null)

  304.             {

  305.                 foundUser.AccountType = model.AccountType;

  306. 

  307.                 var result = await _userManager.UpdateAsync(foundUser);

  308.                 if (result.Succeeded)

  309.                 {

  310.                     // Remove the UserInfo Cache

  311.                     RemoveCachedUser(model.Username);

  312. 

  313.                     return new JsonResult(new { success = true });

  314.                 }

  315.                 else

  316.                     return new JsonResult(new { success = false, message = "Unable to update account type.", identityErrors = result.Errors });

  317.             }

  318. 

  319.             return new JsonResult(new { success = false, message = "User does not exist." });

  320.         }

  321. 

  322.         [HttpPost]

  323.         public async Task<IActionResult> UpdatePGPPublicKey(UpdatePGPPublicKeyModel model)

  324.         {

  325.             if (string.IsNullOrEmpty(model.Username))

  326.                 return new JsonResult(new { success = false, message = "Username is required" });

  327. 

  328.             var foundUser = await _userManager.FindByNameAsync(model.Username);

  329.             if (foundUser != null)

  330.             {

  331.                 foundUser.PGPPublicKey = model.PGPPublicKey;

  332. 

  333.                 var result = await _userManager.UpdateAsync(foundUser);

  334.                 if (result.Succeeded)

  335.                 {

  336.                     // Remove the UserInfo Cache

  337.                     RemoveCachedUser(model.Username);

  338. 

  339.                     return new JsonResult(new { success = true });

  340.                 }

  341.                 else

  342.                     return new JsonResult(new { success = false, message = "Unable to update pgp public key.", identityErrors = result.Errors });

  343.             }

  344. 

  345.             return new JsonResult(new { success = false, message = "User does not exist." });

  346.         }

  347. 

  348.         [HttpGet]

  349.         public async Task<IActionResult> Get2FAKey(string username)

  350.         {

  351.             if (string.IsNullOrEmpty(username))

  352.                 return new JsonResult(new { success = false, message = "Username is required" });

  353. 

  354.             var foundUser = await _userManager.FindByNameAsync(username);

  355.             if (foundUser != null)

  356.             {

  357.                 string unformattedKey = await _userManager.GetAuthenticatorKeyAsync(foundUser);

  358. 

  359.                 return new JsonResult(new { success = true, data = FormatKey(unformattedKey) });

  360.             }

  361. 

  362.             return new JsonResult(new { success = false, message = "User does not exist." });

  363.         }

  364. 

  365.         [HttpPost]

  366.         public async Task<IActionResult> Reset2FAKey(Reset2FAKeyModel model)

  367.         {

  368.             if (string.IsNullOrEmpty(model.Username))

  369.                 return new JsonResult(new { success = false, message = "Username is required" });

  370. 

  371.             var foundUser = await _userManager.FindByNameAsync(model.Username);

  372.             if (foundUser != null)

  373.             {

  374.                 // Remove the UserInfo Cache

  375.                 RemoveCachedUser(model.Username);

  376. 

  377.                 await _userManager.ResetAuthenticatorKeyAsync(foundUser);

  378.                 string unformattedKey = await _userManager.GetAuthenticatorKeyAsync(foundUser);

  379. 

  380.                 return new JsonResult(new { success = true, data = FormatKey(unformattedKey) });

  381.             }

  382. 

  383.             return new JsonResult(new { success = false, message = "User does not exist." });

  384.         }

  385. 

  386.         [HttpPost]

  387.         public async Task<IActionResult> Enable2FA(Enable2FAModel model)

  388.         {

  389.             if (string.IsNullOrEmpty(model.Username))

  390.                 return new JsonResult(new { success = false, message = "Username is required" });

  391.             if (string.IsNullOrEmpty(model.Code))

  392.                 return new JsonResult(new { success = false, message = "Code is required" });

  393. 

  394.             var foundUser = await _userManager.FindByNameAsync(model.Username);

  395.             if (foundUser != null)

  396.             {

  397.                 // Strip spaces and hypens

  398.                 var verificationCode = model.Code.Replace(" ", string.Empty).Replace("-", string.Empty);

  399. 

  400.                 var is2faTokenValid = await _userManager.VerifyTwoFactorTokenAsync(

  401.                     foundUser, _userManager.Options.Tokens.AuthenticatorTokenProvider, verificationCode);

  402. 

  403.                 if (is2faTokenValid)

  404.                 {

  405.                     var result = await _userManager.SetTwoFactorEnabledAsync(foundUser, true);

  406.                     if (result.Succeeded)

  407.                     {

  408.                         // Remove the UserInfo Cache

  409.                         RemoveCachedUser(model.Username);

  410. 

  411.                         var recoveryCodes = await _userManager.GenerateNewTwoFactorRecoveryCodesAsync(foundUser, 10);

  412.                         return new JsonResult(new { success = true, data = recoveryCodes.ToArray() });

  413.                     }

  414.                     else

  415.                         return new JsonResult(new { success = false, message = "Unable to set Two-Factor Authentication.", identityErrors = result.Errors });

  416.                 }

  417. 

  418.                 return new JsonResult(new { success = false, message = "Verification code is invalid." });

  419.             }

  420. 

  421.             return new JsonResult(new { success = false, message = "User does not exist." });

  422.         }

  423. 

  424.         [HttpPost]

  425.         public async Task<IActionResult> Disable2FA(Disable2FAModel model)

  426.         {

  427.             if (string.IsNullOrEmpty(model.Username))

  428.                 return new JsonResult(new { success = false, message = "Username is required" });

  429. 

  430.             var foundUser = await _userManager.FindByNameAsync(model.Username);

  431.             if (foundUser != null)

  432.             {

  433.                 var result = await _userManager.SetTwoFactorEnabledAsync(foundUser, false);

  434.                 if (result.Succeeded)

  435.                 {

  436.                     // Remove the UserInfo Cache

  437.                     RemoveCachedUser(model.Username);

  438. 

  439.                     return new JsonResult(new { success = true });

  440.                 }

  441.                 else

  442.                     return new JsonResult(new { success = false, message = "Unable to disable Two-Factor Authentication.", identityErrors = result.Errors });

  443.             }

  444. 

  445.             return new JsonResult(new { success = false, message = "User does not exist." });

  446.         }

  447. 

  448.         [HttpPost]

  449.         public async Task<IActionResult> GenerateRecoveryCodes(GenerateRecoveryCodesModel model)

  450.         {

  451.             if (string.IsNullOrEmpty(model.Username))

  452.                 return new JsonResult(new { success = false, message = "Username is required" });

  453. 

  454.             var foundUser = await _userManager.FindByNameAsync(model.Username);

  455.             if (foundUser != null)

  456.             {

  457.                 if (foundUser.TwoFactorEnabled)

  458.                 {

  459.                     // Remove the UserInfo Cache

  460.                     RemoveCachedUser(model.Username);

  461. 

  462.                     var recoveryCodes = await _userManager.GenerateNewTwoFactorRecoveryCodesAsync(foundUser, 10);

  463. 

  464.                     return new JsonResult(new { success = true, data = recoveryCodes.ToArray() });

  465.                 }

  466. 

  467.                 return new JsonResult(new { success = false, message = "Two-Factor Authentication is not enabled." });

  468.             }

  469. 

  470.             return new JsonResult(new { success = false, message = "User does not exist." });

  471.         }

  472. 

  473.         [HttpGet]

  474.         public async Task<IActionResult> GetClient(string username, string clientId, [FromServices] IClientStore clientStore, [FromServices] ConfigurationDbContext configContext)

  475.         {

  476.             if (string.IsNullOrEmpty(username))

  477.                 return new JsonResult(new { success = false, message = "Username is required" });

  478. 

  479.             if (string.IsNullOrEmpty(clientId))

  480.                 return new JsonResult(new { success = false, message = "Client Id is required" });

  481. 

  482.             var client = configContext.Clients.FirstOrDefault(c => 

  483.                                     c.ClientId == clientId && 

  484.                                     c.Properties.Exists(p => 

  485.                                         p.Key == "username" && 

  486.                                         p.Value.ToLower() == username.ToLower())

  487.                                     );

  488.             if (client != null)

  489.             {

  490.                 var foundClient = await clientStore.FindClientByIdAsync(client.ClientId);

  491.                 return new JsonResult(new { success = true, data = foundClient });

  492.             }

  493. 

  494.             return new JsonResult(new { success = false, message = "Client does not exist." });

  495.         }

  496. 

  497.         [HttpGet]

  498.         public async Task<IActionResult> GetClients(string username, [FromServices] IClientStore clientStore, [FromServices] ConfigurationDbContext configContext)

  499.         {

  500.             if (string.IsNullOrEmpty(username))

  501.                 return new JsonResult(new { success = false, message = "Username is required" });

  502. 

  503.             var foundClientIds = configContext.Clients.Where(c =>

  504.                                     c.Properties.Exists(p =>

  505.                                         p.Key == "username" &&

  506.                                         p.Value.ToLower() == username.ToLower())

  507.                                     ).Select(c => c.ClientId);

  508.             var clients = new List<IdentityServer4.Models.Client>();

  509.             foreach (var clientId in foundClientIds)

  510.             {

  511.                 var foundClient = await clientStore.FindClientByIdAsync(clientId);

  512.                 if (foundClient != null)

  513.                     clients.Add(foundClient);

  514.             }

  515. 

  516.             return new JsonResult(new { success = true, data = clients });

  517.         }

  518. 

  519.         [HttpPost]

  520.         public IActionResult CreateClient(CreateClientModel model, [FromServices] ConfigurationDbContext configContext)

  521.         {

  522.             // Generate a unique client ID

  523.             var clientId = StringHelper.RandomString(20, "abcdefghjkmnpqrstuvwxyz1234567890");

  524.             while (configContext.Clients.Where(c => c.ClientId == clientId).FirstOrDefault() != null)

  525.             {

  526.                 clientId = StringHelper.RandomString(20, "abcdefghjkmnpqrstuvwxyz1234567890");

  527.             }

  528. 

  529.             var clientSecret = StringHelper.RandomString(40, "abcdefghjkmnpqrstuvwxyz1234567890");

  530. 

  531.             // Generate the origin for the callback

  532.             Uri redirect = new Uri(model.CallbackUrl);

  533.             string origin = redirect.Scheme + "://" + redirect.Host;

  534. 

  535.             var client = new IdentityServer4.Models.Client

  536.             {

  537.                 Properties = new Dictionary<string, string>()

  538.                 {

  539.                     { "username", model.Username }

  540.                 },

  541.                 ClientId = clientId,

  542.                 ClientName = model.Name,

  543.                 ClientUri = model.HomepageUrl,

  544.                 LogoUri = model.LogoUrl,

  545.                 AllowedGrantTypes = new List<string>()

  546.                 {

  547.                     GrantType.AuthorizationCode,

  548.                     GrantType.ClientCredentials

  549.                 },

  550. 

  551.                 ClientSecrets =

  552.                 {

  553.                     new IdentityServer4.Models.Secret(clientSecret.Sha256())

  554.                 },

  555. 

  556.                 RequireConsent = true,

  557. 

  558.                 RedirectUris =

  559.                 {

  560.                     model.CallbackUrl

  561.                 },

  562. 

  563.                 AllowedCorsOrigins =

  564.                 {

  565.                     origin

  566.                 },

  567. 

  568.                 AllowedScopes = model.AllowedScopes,

  569. 

  570.                 AllowOfflineAccess = true

  571.             };

  572. 

  573.             configContext.Clients.Add(client.ToEntity());

  574.             configContext.SaveChanges();

  575. 

  576.             return new JsonResult(new { success = true, data = new { id = clientId, secret = clientSecret } });

  577.         }

  578. 

  579.         [HttpPost]

  580.         public IActionResult EditClient(EditClientModel model, [FromServices] ConfigurationDbContext configContext)

  581.         {

  582.             // Validate it's an actual client

  583.             var foundClient = configContext.Clients.Where(c => c.ClientId == model.ClientId).FirstOrDefault();

  584.             if (foundClient != null)

  585.             {

  586.                 foundClient.ClientName = model.Name;

  587.                 foundClient.ClientUri = model.HomepageUrl;

  588.                 foundClient.LogoUri = model.LogoUrl;

  589.                 foundClient.Updated = DateTime.Now;

  590.                 configContext.Entry(foundClient).State = EntityState.Modified;

  591. 

  592.                 // Update the redirect URL for this client

  593.                 var results = configContext.Set<ClientRedirectUri>().Where(c => c.ClientId == foundClient.Id).ToList();

  594.                 if (results != null)

  595.                 {

  596.                     configContext.RemoveRange(results);

  597.                 }

  598.                 var newUri = new ClientRedirectUri();

  599.                 newUri.Client = foundClient;

  600.                 newUri.ClientId = foundClient.Id;

  601.                 newUri.RedirectUri = model.CallbackUrl;

  602.                 configContext.Add(newUri);

  603. 

  604.                 // Generate the origin for the callback

  605.                 Uri redirect = new Uri(model.CallbackUrl);

  606.                 string origin = redirect.Scheme + "://" + redirect.Host;

  607. 

  608.                 // Update the allowed origin for this client

  609.                 var corsOrigins = configContext.Set<ClientCorsOrigin>().Where(c => c.ClientId == foundClient.Id).ToList();

  610.                 if (corsOrigins != null)

  611.                 {

  612.                     configContext.RemoveRange(corsOrigins);

  613.                 }

  614.                 var newOrigin = new ClientCorsOrigin();

  615.                 newOrigin.Client = foundClient;

  616.                 newOrigin.ClientId = foundClient.Id;

  617.                 newOrigin.Origin = origin;

  618.                 configContext.Add(newUri);

  619. 

  620.                 // Save all the changed

  621.                 configContext.SaveChanges();

  622. 

  623.                 // Clear the client cache

  624.                 RemoveCachedClient(model.ClientId);

  625. 

  626.                 return new JsonResult(new { success = true });

  627.             }

  628. 

  629.             return new JsonResult(new { success = false, message = "Client does not exist." });

  630.         }

  631. 

  632.         [HttpPost]

  633.         public IActionResult DeleteClient(DeleteClientModel model, [FromServices] ConfigurationDbContext configContext)

  634.         {            

  635.             var foundClient = configContext.Clients.Where(c => c.ClientId == model.ClientId).FirstOrDefault();

  636.             if (foundClient != null)

  637.             {

  638.                 configContext.Clients.Remove(foundClient);

  639.                 configContext.SaveChanges();

  640. 

  641.                 // Clear the client cache

  642.                 RemoveCachedClient(model.ClientId);

  643. 

  644.                 return new JsonResult(new { success = true });

  645.             }

  646. 

  647.             return new JsonResult(new { success = false, message = "Client does not exist." });

  648.         }

  649. 

  650.         private string FormatKey(string unformattedKey)

  651.         {

  652.             var result = new StringBuilder();

  653.             int currentPosition = 0;

  654.             while (currentPosition + 4 < unformattedKey.Length)

  655.             {

  656.                 result.Append(unformattedKey.Substring(currentPosition, 4)).Append(" ");

  657.                 currentPosition += 4;

  658.             }

  659.             if (currentPosition < unformattedKey.Length)

  660.             {

  661.                 result.Append(unformattedKey.Substring(currentPosition));

  662.             }

  663. 

  664.             return result.ToString().ToLowerInvariant();

  665.         }

  666. 

  667.         private async Task<ApplicationUser> GetCachedUser(string username)

  668.         {

  669.             if (string.IsNullOrEmpty(username))

  670.                 throw new ArgumentNullException("username");

  671. 

  672.             // Check the cache

  673.             string cacheKey = GetKey<ApplicationUser>(username);

  674.             ApplicationUser foundUser;

  675.             if (!_cache.TryGetValue(cacheKey, out foundUser))

  676.             {

  677.                 foundUser = await _userManager.FindByNameAsync(username);

  678.                 if (foundUser != null)

  679.                 {

  680.                     _cache.AddToCache(cacheKey, foundUser, new TimeSpan(1, 0, 0));

  681.                 }

  682.             }

  683. 

  684.             return foundUser;

  685.         }

  686. 

  687.         private void RemoveCachedUser(string username)

  688.         {

  689.             if (string.IsNullOrEmpty(username))

  690.                 throw new ArgumentNullException("username");

  691. 

  692.             string cacheKey = GetKey<ApplicationUser>(username);

  693.             _cache.Remove(cacheKey);

  694.         }

  695. 

  696.         private void RemoveCachedClient(string clientId)

  697.         {

  698.             if (string.IsNullOrEmpty(clientId))

  699.                 throw new ArgumentNullException("clientId");

  700. 

  701.             string key = GetKey<IdentityServer4.Models.Client>(clientId);

  702.             _cache.Remove(key);

  703.         }

  704. 

  705.         private string GetKey<T>(string key)

  706.         {

  707.             if (string.IsNullOrEmpty(key))

  708.                 throw new ArgumentNullException("key");

  709. 

  710.             return typeof(T).FullName + _KeySeparator + key;

  711.         }

  712.     }

  713. }