products/identity-server/hosts/Shared/Customization/CustomClientRegistrationProcessor.cs at 57a53d1ff8dc3de09165deb771619a4a627e8dbf · DuendeSoftware/products · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
// Copyright (c) Duende Software. All rights reserved.
// See LICENSE in the project root for license information.

using Duende.IdentityServer.Configuration;
using Duende.IdentityServer.Configuration.Configuration;
using Duende.IdentityServer.Configuration.Models;
using Duende.IdentityServer.Configuration.Models.DynamicClientRegistration;
using Duende.IdentityServer.Configuration.RequestProcessing;
using Duende.IdentityServer.Models;
using Duende.IdentityServer.Stores;

namespace Duende.IdentityServer.Hosts.Shared.Customization;

[System.Diagnostics.CodeAnalysis.SuppressMessage("CodeQuality", "CA1812:Avoid uninstantiated internal classes", Justification = "Instantiated via DI container")]
public sealed class CustomClientRegistrationProcessor(
    IdentityServerConfigurationOptions options,
    IClientConfigurationStore dcrStore,
    IClientStore clientStore) : DynamicClientRegistrationRequestProcessor(options, dcrStore)
{

    protected override async Task<IStepResult> AddClientId(DynamicClientRegistrationContext context)
    {
        if (context.Request.Extensions.TryGetValue("client_id", out var clientIdParameter))
        {
            var clientId = clientIdParameter.ToString();
            if (clientId != null)
            {
                var existingClient = await clientStore.FindClientByIdAsync(clientId);
                if (existingClient is not null)
                {
                    return new DynamicClientRegistrationError(
                        "Duplicate client id",
                        "Attempt to register a client with a client id that has already been registered"
                    );
                }
                else
                {
                    context.Client.ClientId = clientId;
                    return new SuccessfulStep();
                }
            }
        }
        return await base.AddClientId(context);
    }

    protected override async Task<(Secret, string)> GenerateSecret(DynamicClientRegistrationContext context)
    {
        if (context.Request.Extensions.TryGetValue("client_secret", out var secretParam))
        {
            var plainText = secretParam.ToString();
            ArgumentNullException.ThrowIfNull(plainText);
            var secret = new Secret(plainText.Sha256());

            return (secret, plainText);
        }
        return await base.GenerateSecret(context);

    }
}