Merge pull request #1159 from ITfoxtec/test

Revsgaard · web-flow · commit 84f77ac44412 · 2025-03-05T15:18:51.000+01:00
Test
diff --git a/src/FoxIDs.Control/FoxIDs.Control.csproj b/src/FoxIDs.Control/FoxIDs.Control.csproj
@@ -2,7 +2,7 @@
 
 	<PropertyGroup>
 		<TargetFramework>net9.0</TargetFramework>
-		<Version>1.15.20</Version>
+		<Version>1.15.21</Version>
 		<RootNamespace>FoxIDs</RootNamespace>
 		<Authors>Anders Revsgaard</Authors>
 		<Company>ITfoxtec</Company>
diff --git a/src/FoxIDs.ControlClient/FoxIDs.ControlClient.csproj b/src/FoxIDs.ControlClient/FoxIDs.ControlClient.csproj
@@ -2,7 +2,7 @@
 
 	<PropertyGroup>
 		<TargetFramework>net9.0</TargetFramework>
-		<Version>1.15.20</Version>
+		<Version>1.15.21</Version>
 		<RootNamespace>FoxIDs.Client</RootNamespace>
 		<Authors>Anders Revsgaard</Authors>
 		<Company>ITfoxtec</Company>
diff --git a/src/FoxIDs.ControlShared/FoxIDs.ControlShared.csproj b/src/FoxIDs.ControlShared/FoxIDs.ControlShared.csproj
@@ -2,7 +2,7 @@
 
 	<PropertyGroup>
 		<TargetFramework>net9.0</TargetFramework>
-		<Version>1.15.20</Version>
+		<Version>1.15.21</Version>
 		<RootNamespace>FoxIDs</RootNamespace>
 		<Authors>Anders Revsgaard</Authors>
 		<Company>ITfoxtec</Company>
diff --git a/src/FoxIDs.Shared/FoxIDs.Shared.csproj b/src/FoxIDs.Shared/FoxIDs.Shared.csproj
@@ -2,7 +2,7 @@
 
 	<PropertyGroup>
 		<TargetFramework>net9.0</TargetFramework>
-		<Version>1.15.20</Version>
+		<Version>1.15.21</Version>
 		<RootNamespace>FoxIDs</RootNamespace>
 		<Authors>Anders Revsgaard</Authors>
 		<Company>ITfoxtec</Company>
diff --git a/src/FoxIDs.SharedBase/Constants.cs b/src/FoxIDs.SharedBase/Constants.cs
@@ -571,11 +571,11 @@ public static class DynamicElements
             public static class Claim
             {
                 public const int JwtTypeLength = 100;
-                public const string JwtTypeRegExPattern = @"^[\w:\/\-.+]*$";                            
-                public const string JwtTypeWildcardRegExPattern = @"^[\w:\/\-.+\*]*$";
+                public const string JwtTypeRegExPattern = @"^[\w:\/\-.+ ]*$";                            
+                public const string JwtTypeWildcardRegExPattern = @"^[\w:\/\-.+ \*]*$";
                 public const int SamlTypeLength = 300;
-                public const string SamlTypeRegExPattern = @"^[\w:\/\-.+]*$";
-                public const string SamlTypeWildcardRegExPattern = @"^[\w:\/\-.+\*]*$";
+                public const string SamlTypeRegExPattern = @"^[\w:\/\-.+ ]*$";
+                public const string SamlTypeWildcardRegExPattern = @"^[\w:\/\-.+ \*]*$";
 
                 public const int ValuesOAuthMin = 0;
                 public const int ValuesUserMin = 1;
diff --git a/src/FoxIDs.SharedBase/FoxIDs.SharedBase.csproj b/src/FoxIDs.SharedBase/FoxIDs.SharedBase.csproj
@@ -2,7 +2,7 @@
 
 	<PropertyGroup>
 		<TargetFramework>net9.0</TargetFramework>
-		<Version>1.15.20</Version>
+		<Version>1.15.21</Version>
 		<RootNamespace>FoxIDs</RootNamespace>
 		<Authors>Anders Revsgaard</Authors>
 		<Company>ITfoxtec</Company>
diff --git a/src/FoxIDs/FoxIDs.csproj b/src/FoxIDs/FoxIDs.csproj
@@ -1,7 +1,7 @@
 ﻿<Project Sdk="Microsoft.NET.Sdk.Web">
 	<PropertyGroup>
 		<TargetFramework>net9.0</TargetFramework>
-		<Version>1.15.20</Version>
+		<Version>1.15.21</Version>
 		<RootNamespace>FoxIDs</RootNamespace>
 		<Authors>Anders Revsgaard</Authors>
 		<Company>ITfoxtec</Company>
diff --git a/src/FoxIDs/Logic/OAuth/OAuthAuthCodeGrantDownLogic.cs b/src/FoxIDs/Logic/OAuth/OAuthAuthCodeGrantDownLogic.cs
@@ -37,14 +37,26 @@ public async Task<string> CreateAuthCodeGrantAsync(TClient client, List<Claim> c
             var grant = new AuthCodeTtlGrant
             {
                 TimeToLive = client.AuthorizationCodeLifetime.Value,
-                Claims = grantClaims.ToClaimAndValues(),
                 ClientId = client.ClientId,
                 RedirectUri = redirectUri,
                 Scope = scope,
                 Nonce = nonce,
                 CodeChallenge = codeChallenge,
                 CodeChallengeMethod = codeChallengeMethod
             };
+            grant.Claims = new List<ClaimAndValues>();
+            foreach (var gc in grantClaims.ToClaimAndValues())
+            {
+                try
+                {
+                    await gc.ValidateObjectAsync();
+                    grant.Claims.Add(gc);
+                }
+                catch (Exception ex)
+                {
+                    logger.Warning(ex, $"Unable to save claim '{gc.Claim}' in grant.");
+                }
+            }
             await grant.SetIdAsync(new AuthCodeTtlGrant.IdKey { TenantName = RouteBinding.TenantName, TrackName = RouteBinding.TrackName, Code = code });
             await tenantDataRepository.SaveAsync(grant);
 
diff --git a/src/FoxIDs/Logic/Tracks/ClaimsDownLogic.cs b/src/FoxIDs/Logic/Tracks/ClaimsDownLogic.cs
@@ -94,7 +94,7 @@ public async Task<List<Claim>> FromJwtToSamlClaimsAsync(IEnumerable<Claim> jwtCl
                     {
                         if (RouteBinding.AutoMapSamlClaims)
                         {
-                            samlClaims.Add(new Claim(AddNewJwtBasedMappingReturnSaml(mappings, newMappings, jwtClaim.Type), jwtClaim.Value, jwtClaim.ValueType, jwtClaim.Issuer, jwtClaim.OriginalIssuer));
+                            samlClaims.Add(new Claim(await AddNewJwtBasedMappingReturnSamlAsync(mappings, newMappings, jwtClaim.Type), jwtClaim.Value, jwtClaim.ValueType, jwtClaim.Issuer, jwtClaim.OriginalIssuer));
                         }
                         else
                         {
@@ -113,8 +113,7 @@ public async Task<List<Claim>> FromJwtToSamlClaimsAsync(IEnumerable<Claim> jwtCl
             }
             catch (Exception ex)
             {
-                logger.Error(ex, "Failed to map JWT claims to SAML claims.");
-                throw;
+                throw new Exception("Failed to map JWT claims to SAML claims.", ex);
             }
         }
 
@@ -178,7 +177,7 @@ public async Task<List<Claim>> FromSamlToJwtClaimsAsync(IEnumerable<Claim> samlC
                     {
                         if (RouteBinding.AutoMapSamlClaims)
                         {
-                            jwtClaims.Add(new Claim(AddNewSamlBasedMappingReturnJwt(mappings, newMappings, samlClaim.Type), samlClaim.Value, samlClaim.ValueType, samlClaim.Issuer, samlClaim.OriginalIssuer));
+                            jwtClaims.Add(new Claim(await AddNewSamlBasedMappingReturnJwtAsync(mappings, newMappings, samlClaim.Type), samlClaim.Value, samlClaim.ValueType, samlClaim.Issuer, samlClaim.OriginalIssuer));
                         }
                         else
                         {
@@ -198,8 +197,7 @@ public async Task<List<Claim>> FromSamlToJwtClaimsAsync(IEnumerable<Claim> samlC
             }
             catch (Exception ex)
             {
-                logger.Error(ex, "Failed to map SAML claims to JWT claims.");
-                throw;
+                throw new Exception("Failed to map SAML claims to JWT claims.", ex);
             }
         }
 
@@ -226,8 +224,7 @@ public List<string> FromSamlToJwtInfoClaimType(string samlClaimType)
             }
             catch (Exception ex)
             {
-                logger.Error(ex, "Failed to map SAML claims to JWT claim types.");
-                throw;
+                throw new Exception("Failed to map SAML claims to JWT claim types.", ex);
             }
         }
 
@@ -312,20 +309,30 @@ private List<ClaimMap> GetMappings(RouteBinding RouteBinding, bool toJwtClaims)
         }
 
 
-        private string AddNewJwtBasedMappingReturnSaml(List<ClaimMap> mappings, List<ClaimMap> newMappings, string jwtClaim)
+        private async Task<string> AddNewJwtBasedMappingReturnSamlAsync(List<ClaimMap> mappings, List<ClaimMap> newMappings, string jwtClaim)
         {
+            var samlClaim = $"{Constants.SamlAutoMapClaimTypes.Namespace}{jwtClaim.Replace("_", "")}";
             var claimMap = new ClaimMap
             {
                 JwtClaim = jwtClaim.ToLower(),
-                SamlClaim = $"{Constants.SamlAutoMapClaimTypes.Namespace}{jwtClaim.Replace("_", "")}"
+                SamlClaim = samlClaim
             };
             mappings.Add(claimMap);
-            newMappings.Add(claimMap);
+
+            try
+            {
+                await claimMap.ValidateObjectAsync();
+                newMappings.Add(claimMap);
+            }
+            catch (Exception ex)
+            {
+                logger.Warning(ex, $"Unable to map JWT claim '{jwtClaim}' to SAML 2.0 claim '{samlClaim}'.");
+            }
 
             return claimMap.SamlClaim;
         }
 
-        private string AddNewSamlBasedMappingReturnJwt(List<ClaimMap> mappings, List<ClaimMap> newMappings, string samlClaim)
+        private async Task<string> AddNewSamlBasedMappingReturnJwtAsync(List<ClaimMap> mappings, List<ClaimMap> newMappings, string samlClaim)
         {
             string jwtClaim = null;
             var claimSplit = samlClaim.Split('/');
@@ -361,7 +368,16 @@ private string AddNewSamlBasedMappingReturnJwt(List<ClaimMap> mappings, List<Cla
                 SamlClaim = samlClaim,
             };
             mappings.Add(claimMap);
-            newMappings.Add(claimMap);
+
+            try
+            {
+                await claimMap.ValidateObjectAsync();
+                newMappings.Add(claimMap);
+            }
+            catch (Exception ex)
+            {
+                logger.Warning(ex, $"Unable to map SAML 2.0 claim '{samlClaim}' to JWT claim '{jwtClaim}'.");
+            }
 
             return jwtClaim;
         }

Original file line number	Diff line number	Diff line change
`@@ -94,7 +94,7 @@ public async Task<List<Claim>> FromJwtToSamlClaimsAsync(IEnumerable<Claim> jwtCl`
`94`	`94`	`{`
`95`	`95`	`if (RouteBinding.AutoMapSamlClaims)`
`96`	`96`	`{`
`97`		`- samlClaims.Add(new Claim(AddNewJwtBasedMappingReturnSaml(mappings, newMappings, jwtClaim.Type), jwtClaim.Value, jwtClaim.ValueType, jwtClaim.Issuer, jwtClaim.OriginalIssuer));`
	`97`	`+ samlClaims.Add(new Claim(await AddNewJwtBasedMappingReturnSamlAsync(mappings, newMappings, jwtClaim.Type), jwtClaim.Value, jwtClaim.ValueType, jwtClaim.Issuer, jwtClaim.OriginalIssuer));`
`98`	`98`	`}`
`99`	`99`	`else`
`100`	`100`	`{`
`@@ -113,8 +113,7 @@ public async Task<List<Claim>> FromJwtToSamlClaimsAsync(IEnumerable<Claim> jwtCl`
`113`	`113`	`}`
`114`	`114`	`catch (Exception ex)`
`115`	`115`	`{`
`116`		`- logger.Error(ex, "Failed to map JWT claims to SAML claims.");`
`117`		`- throw;`
	`116`	`+ throw new Exception("Failed to map JWT claims to SAML claims.", ex);`
`118`	`117`	`}`
`119`	`118`	`}`
`120`	`119`
`@@ -178,7 +177,7 @@ public async Task<List<Claim>> FromSamlToJwtClaimsAsync(IEnumerable<Claim> samlC`
`178`	`177`	`{`
`179`	`178`	`if (RouteBinding.AutoMapSamlClaims)`
`180`	`179`	`{`
`181`		`- jwtClaims.Add(new Claim(AddNewSamlBasedMappingReturnJwt(mappings, newMappings, samlClaim.Type), samlClaim.Value, samlClaim.ValueType, samlClaim.Issuer, samlClaim.OriginalIssuer));`
	`180`	`+ jwtClaims.Add(new Claim(await AddNewSamlBasedMappingReturnJwtAsync(mappings, newMappings, samlClaim.Type), samlClaim.Value, samlClaim.ValueType, samlClaim.Issuer, samlClaim.OriginalIssuer));`
`182`	`181`	`}`
`183`	`182`	`else`
`184`	`183`	`{`
`@@ -198,8 +197,7 @@ public async Task<List<Claim>> FromSamlToJwtClaimsAsync(IEnumerable<Claim> samlC`
`198`	`197`	`}`
`199`	`198`	`catch (Exception ex)`
`200`	`199`	`{`
`201`		`- logger.Error(ex, "Failed to map SAML claims to JWT claims.");`
`202`		`- throw;`
	`200`	`+ throw new Exception("Failed to map SAML claims to JWT claims.", ex);`
`203`	`201`	`}`
`204`	`202`	`}`
`205`	`203`
`@@ -226,8 +224,7 @@ public List<string> FromSamlToJwtInfoClaimType(string samlClaimType)`
`226`	`224`	`}`
`227`	`225`	`catch (Exception ex)`
`228`	`226`	`{`
`229`		`- logger.Error(ex, "Failed to map SAML claims to JWT claim types.");`
`230`		`- throw;`
	`227`	`+ throw new Exception("Failed to map SAML claims to JWT claim types.", ex);`
`231`	`228`	`}`
`232`	`229`	`}`
`233`	`230`
`@@ -312,20 +309,30 @@ private List<ClaimMap> GetMappings(RouteBinding RouteBinding, bool toJwtClaims)`
`312`	`309`	`}`
`313`	`310`
`314`	`311`
`315`		`- private string AddNewJwtBasedMappingReturnSaml(List<ClaimMap> mappings, List<ClaimMap> newMappings, string jwtClaim)`
	`312`	`+ private async Task<string> AddNewJwtBasedMappingReturnSamlAsync(List<ClaimMap> mappings, List<ClaimMap> newMappings, string jwtClaim)`
`316`	`313`	`{`
	`314`	`+ var samlClaim = $"{Constants.SamlAutoMapClaimTypes.Namespace}{jwtClaim.Replace("_", "")}";`
`317`	`315`	`var claimMap = new ClaimMap`
`318`	`316`	`{`
`319`	`317`	`JwtClaim = jwtClaim.ToLower(),`
`320`		`- SamlClaim = $"{Constants.SamlAutoMapClaimTypes.Namespace}{jwtClaim.Replace("_", "")}"`
	`318`	`+ SamlClaim = samlClaim`
`321`	`319`	`};`
`322`	`320`	`mappings.Add(claimMap);`
`323`		`- newMappings.Add(claimMap);`
	`321`	`+`
	`322`	`+ try`
	`323`	`+ {`
	`324`	`+ await claimMap.ValidateObjectAsync();`
	`325`	`+ newMappings.Add(claimMap);`
	`326`	`+ }`
	`327`	`+ catch (Exception ex)`
	`328`	`+ {`
	`329`	`+ logger.Warning(ex, $"Unable to map JWT claim '{jwtClaim}' to SAML 2.0 claim '{samlClaim}'.");`
	`330`	`+ }`
`324`	`331`
`325`	`332`	`return claimMap.SamlClaim;`
`326`	`333`	`}`
`327`	`334`
`328`		`- private string AddNewSamlBasedMappingReturnJwt(List<ClaimMap> mappings, List<ClaimMap> newMappings, string samlClaim)`
	`335`	`+ private async Task<string> AddNewSamlBasedMappingReturnJwtAsync(List<ClaimMap> mappings, List<ClaimMap> newMappings, string samlClaim)`
`329`	`336`	`{`
`330`	`337`	`string jwtClaim = null;`
`331`	`338`	`var claimSplit = samlClaim.Split('/');`
`@@ -361,7 +368,16 @@ private string AddNewSamlBasedMappingReturnJwt(List<ClaimMap> mappings, List<Cla`
`361`	`368`	`SamlClaim = samlClaim,`
`362`	`369`	`};`
`363`	`370`	`mappings.Add(claimMap);`
`364`		`- newMappings.Add(claimMap);`
	`371`	`+`
	`372`	`+ try`
	`373`	`+ {`
	`374`	`+ await claimMap.ValidateObjectAsync();`
	`375`	`+ newMappings.Add(claimMap);`
	`376`	`+ }`
	`377`	`+ catch (Exception ex)`
	`378`	`+ {`
	`379`	`+ logger.Warning(ex, $"Unable to map SAML 2.0 claim '{samlClaim}' to JWT claim '{jwtClaim}'.");`
	`380`	`+ }`
`365`	`381`
`366`	`382`	`return jwtClaim;`
`367`	`383`	`}`