paul/yavsc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

IdentityServer8

Browse Source
This commit is contained in:
Paul Schneider
2025-02-08 20:06:24 +00:00
parent aa71ff8761
commit 96a54aa6bf
47 changed files with 4089 additions and 541 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/Yavsc/Controllers/Accounting/AccountController.cs
View File

@ -13,16 +13,16 @@ using Yavsc.ViewModels.Account;
using Yavsc.Helpers;
using Yavsc.Abstract.Manage;
using Yavsc.Interface;
using IdentityServer4.Test;
using IdentityServer4.Services;
using IdentityServer4.Stores;
using IdentityServer8.Test;
using IdentityServer8.Services;
using IdentityServer8.Stores;
using Microsoft.AspNetCore.Authentication;
using Yavsc.Models.Access;
using IdentityServer4.Models;
using IdentityServer8.Models;
using Yavsc.Extensions;
using IdentityServer4.Events;
using IdentityServer4.Extensions;
using IdentityServer4;
using IdentityServer8.Events;
using IdentityServer8.Extensions;
using IdentityServer8;
using IdentityModel;
using System.Security.Cryptography;
using System.Text.Unicode;
@ -278,7 +278,7 @@ namespace Yavsc.Controllers
var context = await _interaction.GetAuthorizationContextAsync(returnUrl);
if (context?.IdP != null && await _schemeProvider.GetSchemeAsync(context.IdP) != null)
{
var local = context.IdP == IdentityServer4.IdentityServerConstants.LocalIdentityProvider;
var local = context.IdP == IdentityServer8.IdentityServerConstants.LocalIdentityProvider;
// this is meant to short circuit the UI and only trigger the one external IdP
var vm = new LoginViewModel
@ -380,7 +380,7 @@ namespace Yavsc.Controllers
if (User?.Identity.IsAuthenticated == true)
{
var idp = User.FindFirst(JwtClaimTypes.IdentityProvider)?.Value;
if (idp != null && idp != IdentityServer4.IdentityServerConstants.LocalIdentityProvider)
if (idp != null && idp != IdentityServer8.IdentityServerConstants.LocalIdentityProvider)
{
var providerSupportsSignout = await HttpContext.GetSchemeSupportsSignOutAsync(idp);
if (providerSupportsSignout)

2
src/Yavsc/Controllers/Accounting/ManageController.cs
View File

@ -93,7 +93,7 @@ namespace Yavsc.Controllers
var user = await GetCurrentUserAsync();
long pc = _dbContext.Blogspot.Count(x => x.AuthorId == user.Id);
long pc = _dbContext.BlogSpot.Count(x => x.AuthorId == user.Id);

15
src/Yavsc/Controllers/Communicating/BlogspotController.cs
View File

@ -57,7 +57,7 @@ namespace Yavsc.Controllers
{
var uid = User.FindFirstValue(ClaimTypes.NameIdentifier);
ViewData["Title"] = id;
return View("Title", _context.Blogspot.Include(
return View("Title", _context.BlogSpot.Include(
b => b.Author
).Where(x => x.Title == id && (x.Visible || x.AuthorId == uid )).OrderByDescending(
x => x.DateCreated
@ -78,7 +78,7 @@ namespace Yavsc.Controllers
return NotFound();
}
BlogPost blog = _context.Blogspot
BlogPost blog = _context.BlogSpot
.Include(p => p.Author)
.Include(p => p.Tags)
.Include(p => p.Comments)
@ -128,10 +128,9 @@ namespace Yavsc.Controllers
Title = blogInput.Title,
Content = blogInput.Content,
Photo = blogInput.Photo,
Rate = 0,
AuthorId = User.GetUserId()
};
_context.Blogspot.Add(post);
_context.BlogSpot.Add(post);
_context.SaveChanges(User.GetUserId());
return RedirectToAction("Index");
}
@ -150,7 +149,7 @@ namespace Yavsc.Controllers
}
ViewData["PostTarget"]="Edit";
BlogPost blog = _context.Blogspot.Include(x => x.Author).Include(x => x.ACL).Single(m => m.Id == id);
BlogPost blog = _context.BlogSpot.Include(x => x.Author).Include(x => x.ACL).Single(m => m.Id == id);
if (blog == null)
{
@ -212,7 +211,7 @@ namespace Yavsc.Controllers
return NotFound();
}
BlogPost blog = _context.Blogspot.Include(
BlogPost blog = _context.BlogSpot.Include(
b => b.Author
).Single(m => m.Id == id);
if (blog == null)
@ -229,9 +228,9 @@ namespace Yavsc.Controllers
public IActionResult DeleteConfirmed(long id)
{
var uid = User.GetUserId();
BlogPost blog = _context.Blogspot.Single(m => m.Id == id && m.AuthorId == uid );
BlogPost blog = _context.BlogSpot.Single(m => m.Id == id && m.AuthorId == uid );
_context.Blogspot.Remove(blog);
_context.BlogSpot.Remove(blog);
_context.SaveChanges(User.GetUserId());
return RedirectToAction("Index");

8
src/Yavsc/Controllers/Communicating/CommentsController.cs
View File

@ -47,7 +47,7 @@ namespace Yavsc.Controllers
// GET: Comments/Create
public IActionResult Create()
{
ViewData["ReceiverId"] = new SelectList(_context.Blogspot, "Id", "Post");
ViewData["ReceiverId"] = new SelectList(_context.BlogSpot, "Id", "Post");
return View();
}
@ -64,7 +64,7 @@ namespace Yavsc.Controllers
await _context.SaveChangesAsync();
return RedirectToAction("Index");
}
ViewData["ReceiverId"] = new SelectList(_context.Blogspot, "Id", "Post", comment.ReceiverId);
ViewData["ReceiverId"] = new SelectList(_context.BlogSpot, "Id", "Post", comment.ReceiverId);
return View(comment);
}
@ -81,7 +81,7 @@ namespace Yavsc.Controllers
{
return NotFound();
}
ViewData["ReceiverId"] = new SelectList(_context.Blogspot, "Id", "Post", comment.ReceiverId);
ViewData["ReceiverId"] = new SelectList(_context.BlogSpot, "Id", "Post", comment.ReceiverId);
return View(comment);
}
@ -96,7 +96,7 @@ namespace Yavsc.Controllers
await _context.SaveChangesAsync();
return RedirectToAction("Index");
}
ViewData["ReceiverId"] = new SelectList(_context.Blogspot, "Id", "Post", comment.ReceiverId);
ViewData["ReceiverId"] = new SelectList(_context.BlogSpot, "Id", "Post", comment.ReceiverId);
return View(comment);
}

16
src/Yavsc/Controllers/Consent/ConsentController.cs
View File

@ -2,16 +2,16 @@
// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
using IdentityServer4.Events;
using IdentityServer4.Models;
using IdentityServer4.Services;
using IdentityServer4.Extensions;
using IdentityServer8.Events;
using IdentityServer8.Models;
using IdentityServer8.Services;
using IdentityServer8.Extensions;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;
using System.Linq;
using System.Threading.Tasks;
using IdentityServer4.Validation;
using IdentityServer8.Validation;
using System.Collections.Generic;
using System;
using Yavsc;
@ -122,7 +122,7 @@ namespace IdentityServerHost.Quickstart.UI
var scopes = model.ScopesConsented;
if (ConsentOptions.EnableOfflineAccess == false)
{
scopes = scopes.Where(x => x != IdentityServer4.IdentityServerConstants.StandardScopes.OfflineAccess);
scopes = scopes.Where(x => x != IdentityServer8.IdentityServerConstants.StandardScopes.OfflineAccess);
}
grantedConsent = new ConsentResponse
@ -210,7 +210,7 @@ namespace IdentityServerHost.Quickstart.UI
}
if (ConsentOptions.EnableOfflineAccess && request.ValidatedResources.Resources.OfflineAccess)
{
apiScopes.Add(GetOfflineAccessScope(vm.ScopesConsented.Contains(IdentityServer4.IdentityServerConstants.StandardScopes.OfflineAccess) || model == null));
apiScopes.Add(GetOfflineAccessScope(vm.ScopesConsented.Contains(IdentityServer8.IdentityServerConstants.StandardScopes.OfflineAccess) || model == null));
}
vm.ApiScopes = apiScopes;
@ -253,7 +253,7 @@ namespace IdentityServerHost.Quickstart.UI
{
return new ScopeViewModel
{
Value = IdentityServer4.IdentityServerConstants.StandardScopes.OfflineAccess,
Value = IdentityServer8.IdentityServerConstants.StandardScopes.OfflineAccess,
DisplayName = ConsentOptions.OfflineAccessDisplayName,
Description = ConsentOptions.OfflineAccessDescription,
Emphasize = true,

2
src/Yavsc/Controllers/Consent/ProcessConsentResult.cs
View File

@ -2,7 +2,7 @@
// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
using IdentityServer4.Models;
using IdentityServer8.Models;
namespace IdentityServerHost.Quickstart.UI
{

18
src/Yavsc/Controllers/Device/DeviceController.cs
View File

@ -6,12 +6,12 @@ using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using IdentityServer4.Configuration;
using IdentityServer4.Events;
using IdentityServer4.Extensions;
using IdentityServer4.Models;
using IdentityServer4.Services;
using IdentityServer4.Validation;
using IdentityServer8.Configuration;
using IdentityServer8.Events;
using IdentityServer8.Extensions;
using IdentityServer8.Models;
using IdentityServer8.Services;
using IdentityServer8.Validation;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;
@ -103,7 +103,7 @@ namespace Yavsc.Controllers
var scopes = model.ScopesConsented;
if (ConsentOptions.EnableOfflineAccess == false)
{
scopes = scopes.Where(x => x != IdentityServer4.IdentityServerConstants.StandardScopes.OfflineAccess);
scopes = scopes.Where(x => x != IdentityServer8.IdentityServerConstants.StandardScopes.OfflineAccess);
}
grantedConsent = new ConsentResponse
@ -185,7 +185,7 @@ namespace Yavsc.Controllers
}
if (ConsentOptions.EnableOfflineAccess && request.ValidatedResources.Resources.OfflineAccess)
{
apiScopes.Add(GetOfflineAccessScope(vm.ScopesConsented.Contains(IdentityServer4.IdentityServerConstants.StandardScopes.OfflineAccess) || model == null));
apiScopes.Add(GetOfflineAccessScope(vm.ScopesConsented.Contains(IdentityServer8.IdentityServerConstants.StandardScopes.OfflineAccess) || model == null));
}
vm.ApiScopes = apiScopes;
@ -222,7 +222,7 @@ namespace Yavsc.Controllers
{
return new ScopeViewModel
{
Value = IdentityServer4.IdentityServerConstants.StandardScopes.OfflineAccess,
Value = IdentityServer8.IdentityServerConstants.StandardScopes.OfflineAccess,
DisplayName = ConsentOptions.OfflineAccessDisplayName,
Description = ConsentOptions.OfflineAccessDescription,
Emphasize = true,

8
src/Yavsc/Controllers/GrantsController.cs
View File

@ -2,15 +2,15 @@
// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
using IdentityServer4.Services;
using IdentityServer4.Stores;
using IdentityServer8.Services;
using IdentityServer8.Stores;
using Microsoft.AspNetCore.Mvc;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using IdentityServer4.Events;
using IdentityServer4.Extensions;
using IdentityServer8.Events;
using IdentityServer8.Extensions;
using Yavsc;
using Yavsc.Models.Access;

7
src/Yavsc/Controllers/SecurityHeadersAttribute.cs
View File

@ -14,7 +14,8 @@ namespace Yavsc
var result = context.Result;
if (result is ViewResult)
{
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
#pragma warning disable ASP0019 // Suggest using IHeaderDictionary.Append or the indexer
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
if (!context.HttpContext.Response.Headers.ContainsKey("X-Content-Type-Options"))
{
context.HttpContext.Response.Headers.Add("X-Content-Type-Options", "nosniff");
@ -48,8 +49,10 @@ namespace Yavsc
var referrer_policy = "no-referrer";
if (!context.HttpContext.Response.Headers.ContainsKey("Referrer-Policy"))
{
context.HttpContext.Response.Headers.Add("Referrer-Policy", referrer_policy);
context.HttpContext.Response.Headers.Add("Referrer-Policy", referrer_policy);
}
#pragma warning restore ASP0019 // Suggest using IHeaderDictionary.Append or the indexer
}
}
}