yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
da7454e98713ef00336e09896a61101ba28fd2c7
Umbraco-CMS/src/Umbraco.Infrastructure/Security/OpenIdDictApplicationManagerBase.cs

38 lines
1.4 KiB
C#
Raw Normal View History

Add member auth to the Delivery API (#14730) * Refactor OpenIddict for shared usage between APIs + implement member authentication and handling within the Delivery API * Make SwaggerRouteTemplatePipelineFilter UI config overridable * Enable token revocation + rename logout endpoint to signout * Add default implementation of SwaggerGenOptions configuration for enabling Delivery API member auth in Swagger * Correct notification handling when (un)protecting content * Fixing integration test framework * Cleanup test to not execute some composers twice * Update paths to match docs * Return Forbidden when a member is authorized but not allowed to access the requested resource * Cleanup * Rename RequestMemberService to RequestMemberAccessService * Rename badly named variable * Review comments * Hide the auth controller from Swagger * Remove semaphore * Add security requirements for content API operations in Swagger * Hide the back-office auth endpoints from Swagger * Fix merge * Update back-office API auth endpoint paths + add revoke and sign-out endpoints (as of now they do not exist, a separate task will fix that) * Swap endpoint order to maintain backwards compat with the current login screen for new back-office (will be swapped back again to ensure correct .well-known endpoints, see FIXME comment) * Make "items by IDs" endpoint support member auth * Add 401 and 403 to "items by IDs" endpoint responses --------- Co-authored-by: Bjarke Berg <mail@bergmania.dk> Co-authored-by: Elitsa <elm@umbraco.dk>
2023-09-26 09:22:45 +02:00
using OpenIddict.Abstractions;
namespace Umbraco.Cms.Infrastructure.Security;
public abstract class OpenIdDictApplicationManagerBase
{
private readonly IOpenIddictApplicationManager _applicationManager;
protected OpenIdDictApplicationManagerBase(IOpenIddictApplicationManager applicationManager)
=> _applicationManager = applicationManager;
protected async Task CreateOrUpdate(OpenIddictApplicationDescriptor clientDescriptor, CancellationToken cancellationToken)
{
var identifier = clientDescriptor.ClientId ??
throw new ApplicationException($"ClientId is missing for application: {clientDescriptor.DisplayName ?? "(no name)"}");
var client = await _applicationManager.FindByClientIdAsync(identifier, cancellationToken);
if (client is null)
{
await _applicationManager.CreateAsync(clientDescriptor, cancellationToken);
}
else
{
await _applicationManager.UpdateAsync(client, clientDescriptor, cancellationToken);
}
}
protected async Task Delete(string identifier, CancellationToken cancellationToken)
{
var client = await _applicationManager.FindByClientIdAsync(identifier, cancellationToken);
if (client is null)
{
return;
}
await _applicationManager.DeleteAsync(client, cancellationToken);
}
}
Reference in New Issue Copy Permalink