Merge pull request #10 from Shoogn/dev

Dev
Shoogn · Mar 2, 2024 · 6886fd8 · 6886fd8
2 parents 67e0a87 + 3312f95
commit 6886fd8
Show file tree

Hide file tree

Showing 29 changed files with 646 additions and 175 deletions.
diff --git a/Sample/ClientApp_OpenId/Program.cs b/Sample/ClientApp_OpenId/Program.cs
@@ -23,6 +23,7 @@
         options.CallbackPath = "/signin-oidc";
         options.SaveTokens = true;
         options.Scope.Add("jwtapitestapp.read");
+        options.GetClaimsFromUserInfoEndpoint = true;
     });
 
 

diff --git a/Server/src/OAuth20.Server/Common/Constants.cs b/Server/src/OAuth20.Server/Common/Constants.cs
diff --git a/Server/src/OAuth20.Server/Common/OAuth2ServerHelpers.cs b/Server/src/OAuth20.Server/Common/OAuth2ServerHelpers.cs
@@ -14,18 +14,18 @@ public class OAuth2ServerHelpers
     {
         public static IList<string> CodeChallenegMethodsSupport = new List<string>()
         {
-            Constants.Plain,
-            Constants.SHA256
+            Constants.ChallengeMethod.Plain,
+            Constants.ChallengeMethod.SHA256
         };
 
 
         public static IList<string> OpenIdConnectScopes = new List<string>()
         {
-            Constants.OpenId,
-            Constants.Profile,
-            Constants.Email,
-            Constants.Address,
-            Constants.Phone
+            Constants.OpenIdConnectScopes. OpenId,
+            Constants.OpenIdConnectScopes.Profile,
+            Constants.OpenIdConnectScopes.Email,
+            Constants.OpenIdConnectScopes.Address,
+            Constants.OpenIdConnectScopes.Phone
         };
     }
 }
diff --git a/Server/src/OAuth20.Server/Constants.cs b/Server/src/OAuth20.Server/Constants.cs
@@ -0,0 +1,53 @@
+namespace OAuth20.Server
+{
+    public static class Constants
+    {
+        public static class ChallengeMethod
+        {
+            public static string Plain = "plain";
+            public static string SHA256 = "S256";
+        }
+
+        public static class OpenIdConnectScopes
+        {
+            public static string OpenId = "openid";
+            public static string Profile = "profile";
+            public static string Email = "email";
+            public static string Address = "address";
+            public static string Phone = "phone";
+        }
+
+        public static class TokenTypes
+        {
+            public const string JWTAcceseccToken = "Access_Token";
+            public const string JWTIdentityToken = "Idp_Token";
+            public const string AccessAndIdpToken = "Access_Idp_Token";
+        }
+
+
+        public static class TokenTypeHints
+        {
+            public const string AccessToken = "access_token";
+            public const string RefreshToken = "refresh_token";
+        }
+
+        public static class Statuses
+        {
+            public const string InActive = "inactive";
+            public const string Revoked = "revoked";
+            public const string Valid = "valid";
+        }
+
+        public static class ContentTypeSupported
+        {
+            public const string XwwwFormUrlEncoded = "application/x-www-form-urlencoded";
+        }
+
+        public static class AuthenticatedRequestScheme
+        {
+            public const string AuthorizationRequestHeader = "Bearer";
+            public const string FormEncodedBodyParameter = "access_token";
+            public const string UriQueryParameter = "access_token";
+        }
+    }
+}
diff --git a/Server/src/OAuth20.Server/Controllers/DiscoveryEndpointController.cs b/Server/src/OAuth20.Server/Controllers/DiscoveryEndpointController.cs
@@ -28,7 +28,7 @@ public JsonResult GetConfiguration()
                 acr_values_supported = new string[] {"urn:mace:incommon:iap:silver", "urn:mace:incommon:iap:bronze"},
                 response_types_supported = new string[] { "code", "code id_token", "id_token", "token id_token" },
                 subject_types_supported = new string[] { "public", "pairwise" },
-
+                userinfo_endpoint = "https://localhost:7275/api/UserInfo/GetUserInfo",
                 userinfo_encryption_enc_values_supported = new string[] { "A128CBC-HS256", "A128GCM" },
                 id_token_signing_alg_values_supported = new string[] { "RS256", "ES256", "HS256" , "SHA256" },
                 id_token_encryption_alg_values_supported = new string[] { "RSA1_5", "A128KW" },

diff --git a/Server/src/OAuth20.Server/Controllers/HomeController.cs b/Server/src/OAuth20.Server/Controllers/HomeController.cs
@@ -70,7 +70,8 @@ public IActionResult Authorize(AuthorizationRequest authorizationRequest)
             {
                 RedirectUri = result.RedirectUri,
                 Code = result.Code,
-                RequestedScopes = result.RequestedScopes,
+                RequestedScopes = result.RequestedScopes
+
             };
             return View("Login", loginModel);
         }
@@ -103,8 +104,8 @@ public async Task<IActionResult> Login(OpenIdConnectLoginRequest loginRequest)
                     return Redirect(loginRequest.RedirectUri);
                 }
             }
-
-            return RedirectToAction("Error", new { error = "invalid_request" });
+            return View("Error", new { error = "invalid_request" });
+            //return RedirectToAction("Error", new { error = "invalid_request" });
         }
 
         [HttpPost]

diff --git a/Server/src/OAuth20.Server/Controllers/UserInfoController.cs b/Server/src/OAuth20.Server/Controllers/UserInfoController.cs
@@ -0,0 +1,29 @@
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Cors;
+using Microsoft.AspNetCore.Mvc;
+using OAuth20.Server.Services;
+using System.Threading.Tasks;
+
+namespace OAuth20.Server.Controllers
+{
+    [Route("api/[controller]")]
+    [EnableCors("UserInfoPolicy")]
+    [ApiController]
+    [AllowAnonymous]
+    public class UserInfoController : ControllerBase
+    {
+        private readonly IUserInfoService _userInfoService;
+        public UserInfoController(IUserInfoService userInfoService)
+        {
+            _userInfoService = userInfoService;
+        }
+
+        [HttpGet("GetUserInfo")]
+
+        public async Task<IActionResult> GetUserInfo()
+        {
+            var userInfo = await _userInfoService.GetUserInfoAsync();
+            return Ok(userInfo);
+        }
+    }
+}
diff --git a/Server/src/OAuth20.Server/Enumeration/BearerTokenUsageTypeEnum.cs b/Server/src/OAuth20.Server/Enumeration/BearerTokenUsageTypeEnum.cs
@@ -0,0 +1,19 @@
+/*
+                        GNU GENERAL PUBLIC LICENSE
+                          Version 3, 29 June 2007
+ Copyright (C) 2022 Mohammed Ahmed Hussien babiker Free Software Foundation, Inc. <https://fsf.org/>
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+ */
+
+namespace OAuth20.Server.Enumeration;
+
+/// <summary>
+/// For more information see the <see cref="https://www.rfc-editor.org/info/rfc6750"/>
+/// </summary>
+public enum BearerTokenUsageTypeEnum : byte
+{
+    AuthorizationRequestHeader,
+    FormEncodedBodyParameter,
+    UriQueryParameter
+}
diff --git a/...h20.Server/OauthResponse/ErrorTypeEnum.cs → ...uth20.Server/Enumeration/ErrorTypeEnum.cs b/...h20.Server/OauthResponse/ErrorTypeEnum.cs → ...uth20.Server/Enumeration/ErrorTypeEnum.cs
@@ -7,7 +7,7 @@ Everyone is permitted to copy and distribute verbatim copies
  */
 
 using System.ComponentModel;
-namespace OAuth20.Server.OauthResponse
+namespace OAuth20.Server.Enumeration
 {
     public enum ErrorTypeEnum : byte
     {

diff --git a/...rc/OAuth20.Server/Models/TokenTypeEnum.cs → ...uth20.Server/Enumeration/TokenTypeEnum.cs b/...rc/OAuth20.Server/Models/TokenTypeEnum.cs → ...uth20.Server/Enumeration/TokenTypeEnum.cs
@@ -8,7 +8,7 @@ Everyone is permitted to copy and distribute verbatim copies
 
 using System.ComponentModel;
 
-namespace OAuth20.Server.Models
+namespace OAuth20.Server.Enumeration
 {
     public enum TokenTypeEnum : byte
     {

diff --git a/Server/src/OAuth20.Server/OAuthResponse/UserInfoResponse.cs b/Server/src/OAuth20.Server/OAuthResponse/UserInfoResponse.cs
@@ -0,0 +1,31 @@
+using System.Text.Json.Serialization;
+
+namespace OAuth20.Server.OAuthResponse
+{
+    public class UserInfoResponse 
+    {
+        public bool Succeeded { get; set; }
+        public string Error { get; set; } = string.Empty;
+
+        public string ErrorDescription { get; set; }
+        public bool HasError => !string.IsNullOrEmpty(Error);
+
+
+        /// <summary>
+        /// Returned result as json.
+        /// </summary>
+        public string Claims { get; set; }
+
+        [JsonPropertyName("sub")]
+        public string Sub { get; set; }
+
+        [JsonPropertyName("name")]
+        public string Name { get; set; }
+
+        [JsonPropertyName("email")]
+        public string Email { get; set; }
+
+        [JsonPropertyName("email_verified")]
+        public bool EmailVerified { get; set; }
+    }
+}
diff --git a/Server/src/OAuth20.Server/OauthRequest/TokenRequest.cs b/Server/src/OAuth20.Server/OauthRequest/TokenRequest.cs
@@ -6,7 +6,6 @@ Everyone is permitted to copy and distribute verbatim copies
  of this license document, but changing it is not allowed.
  */
 
-using Microsoft.AspNetCore.Http;
 using System.Collections.Generic;
 
 namespace OAuth20.Server.OauthRequest

diff --git a/Server/src/OAuth20.Server/OauthResponse/AuthorizeResponse.cs b/Server/src/OAuth20.Server/OauthResponse/AuthorizeResponse.cs
@@ -21,7 +21,6 @@ public class AuthorizeResponse
         /// required if it was present in the client authorization request
         /// </summary>
         public string State { get; set; }
-
         public string RedirectUri { get; set; }
         public IList<string> RequestedScopes { get; set; }
         public string GrantType { get; set; }

diff --git a/Server/src/OAuth20.Server/OauthResponse/TokenResponse.cs b/Server/src/OAuth20.Server/OauthResponse/TokenResponse.cs
@@ -7,7 +7,7 @@ Everyone is permitted to copy and distribute verbatim copies
  */
 
 using OAuth20.Server.Common;
-using OAuth20.Server.Models;
+using OAuth20.Server.Enumeration;
 
 namespace OAuth20.Server.OauthResponse
 {

diff --git a/Server/src/OAuth20.Server/Program.cs b/Server/src/OAuth20.Server/Program.cs
@@ -61,18 +61,32 @@ Everyone is permitted to copy and distribute verbatim copies
 builder.Services.AddScoped<ITokenIntrospectionService, TokenIntrospectionService>();
 builder.Services.TryAddScoped<ITokenRevocationValidation, TokenRevocationValidation>();
 builder.Services.TryAddScoped<ITokenIntrospectionValidation, TokenIntrospectionValidation>();
+builder.Services.AddScoped<IClientService, ClientService>();
+builder.Services.AddScoped<IUserInfoService, UserInfoService>();
+builder.Services.AddScoped<IBearerTokenUsageTypeValidation, BearerTokenUsageTypeValidation>();
 builder.Services.AddHttpContextAccessor();
 
-builder.Services.Configure<RouteOptions>(options =>
+//builder.Services.Configure<RouteOptions>(options =>
+//{
+//    options.LowercaseQueryStrings = true;
+//    options.LowercaseUrls = true;
+//});
+
+builder.Services.AddCors(options =>
 {
-    options.LowercaseQueryStrings = true;
-    options.LowercaseUrls = true;
-});
+    options.AddPolicy("UserInfoPolicy", o =>
+    {
+        o.AllowAnyOrigin();
+        o.AllowAnyHeader();
+        o.AllowAnyMethod();
+    });
+}); 
 builder.Services.AddControllersWithViews();
 var app = builder.Build();
 
 app.UseStaticFiles();
 app.UseRouting();
+app.UseCors("UserInfoPolicy");
 app.UseAuthentication();
 app.UseAuthorization();
 app.UseEndpoints(endpoints =>