Introduce support for application types

openiddict · Sep 11, 2023 · 4af3f8d · 4af3f8d
1 parent 611afc4
commit 4af3f8d
Show file tree

Hide file tree

Showing 17 changed files with 437 additions and 80 deletions.
diff --git a/sandbox/OpenIddict.Sandbox.AspNet.Server/Startup.cs b/sandbox/OpenIddict.Sandbox.AspNet.Server/Startup.cs
@@ -179,6 +179,7 @@ public void Configuration(IAppBuilder app)
                 {
                     await manager.CreateAsync(new OpenIddictApplicationDescriptor
                     {
+                        ApplicationType = ApplicationTypes.Web,
                         ClientId = "mvc",
                         ClientSecret = "901564A5-E7FE-42CB-B10D-61EF6A8F3654",
                         ConsentType = ConsentTypes.Explicit,
@@ -215,6 +216,7 @@ await manager.CreateAsync(new OpenIddictApplicationDescriptor
                 {
                     await manager.CreateAsync(new OpenIddictApplicationDescriptor
                     {
+                        ApplicationType = ApplicationTypes.Native,
                         ClientId = "postman",
                         ConsentType = ConsentTypes.Systematic,
                         DisplayName = "Postman",

diff --git a/sandbox/OpenIddict.Sandbox.AspNetCore.Server/Worker.cs b/sandbox/OpenIddict.Sandbox.AspNetCore.Server/Worker.cs
@@ -30,6 +30,9 @@ static async Task RegisterApplicationsAsync(IServiceProvider provider)
             {
                 await manager.CreateAsync(new OpenIddictApplicationDescriptor
                 {
+                    // Note: the application must be registered as a native application to force OpenIddict
+                    // to apply a relaxed redirect_uri validation policy that allows specifying a random port.
+                    ApplicationType = ApplicationTypes.Native,
                     ClientId = "console",
                     ConsentType = ConsentTypes.Systematic,
                     DisplayName = "Console client application",
@@ -39,17 +42,9 @@ await manager.CreateAsync(new OpenIddictApplicationDescriptor
                     },
                     RedirectUris =
                     {
-                        new Uri("http://localhost:49152/callback/login/local"),
-                        new Uri("http://localhost:49153/callback/login/local"),
-                        new Uri("http://localhost:49154/callback/login/local"),
-                        new Uri("http://localhost:49155/callback/login/local"),
-                        new Uri("http://localhost:49156/callback/login/local"),
-                        new Uri("http://localhost:49157/callback/login/local"),
-                        new Uri("http://localhost:49158/callback/login/local"),
-                        new Uri("http://localhost:49159/callback/login/local"),
-                        new Uri("http://localhost:49160/callback/login/local"),
-                        new Uri("http://localhost:49161/callback/login/local"),
-                        new Uri("http://localhost:49162/callback/login/local")
+                        // Note: the port must not be explicitly specified as it is selected
+                        // dynamically at runtime by the OpenIddict client system integration.
+                        new Uri("http://localhost/callback/login/local")
                     },
                     Permissions =
                     {
@@ -76,6 +71,7 @@ await manager.CreateAsync(new OpenIddictApplicationDescriptor
             {
                 await manager.CreateAsync(new OpenIddictApplicationDescriptor
                 {
+                    ApplicationType = ApplicationTypes.Web,
                     ClientId = "mvc",
                     ClientSecret = "901564A5-E7FE-42CB-B10D-61EF6A8F3654",
                     ConsentType = ConsentTypes.Explicit,
@@ -116,6 +112,7 @@ await manager.CreateAsync(new OpenIddictApplicationDescriptor
             {
                 await manager.CreateAsync(new OpenIddictApplicationDescriptor
                 {
+                    ApplicationType = ApplicationTypes.Native,
                     ClientId = "winforms",
                     ConsentType = ConsentTypes.Systematic,
                     DisplayName = "WinForms client application",
@@ -150,6 +147,7 @@ await manager.CreateAsync(new OpenIddictApplicationDescriptor
             {
                 await manager.CreateAsync(new OpenIddictApplicationDescriptor
                 {
+                    ApplicationType = ApplicationTypes.Native,
                     ClientId = "wpf",
                     ConsentType = ConsentTypes.Systematic,
                     DisplayName = "WPF client application",
@@ -209,6 +207,7 @@ await manager.CreateAsync(new OpenIddictApplicationDescriptor
             {
                 await manager.CreateAsync(new OpenIddictApplicationDescriptor
                 {
+                    ApplicationType = ApplicationTypes.Native,
                     ClientId = "postman",
                     ConsentType = ConsentTypes.Systematic,
                     DisplayName = "Postman",

diff --git a/src/OpenIddict.Abstractions/Descriptors/OpenIddictApplicationDescriptor.cs b/src/OpenIddict.Abstractions/Descriptors/OpenIddictApplicationDescriptor.cs
@@ -1,4 +1,5 @@
-using System.Globalization;
+using System.ComponentModel;
+using System.Globalization;
 using System.Text.Json;
 
 namespace OpenIddict.Abstractions;
@@ -8,6 +9,11 @@ namespace OpenIddict.Abstractions;
 /// </summary>
 public class OpenIddictApplicationDescriptor
 {
+    /// <summary>
+    /// Gets or sets the application type associated with the application.
+    /// </summary>
+    public string? ApplicationType { get; set; }
+
     /// <summary>
     /// Gets or sets the client identifier associated with the application.
     /// </summary>
@@ -20,6 +26,11 @@ public class OpenIddictApplicationDescriptor
     /// </summary>
     public string? ClientSecret { get; set; }
 
+    /// <summary>
+    /// Gets or sets the client type associated with the application.
+    /// </summary>
+    public string? ClientType { get; set; }
+
     /// <summary>
     /// Gets or sets the consent type associated with the application.
     /// </summary>
@@ -61,7 +72,13 @@ public class OpenIddictApplicationDescriptor
     public HashSet<string> Requirements { get; } = new(StringComparer.Ordinal);
 
     /// <summary>
-    /// Gets or sets the application type associated with the application.
+    /// Gets or sets the client type associated with the application.
     /// </summary>
-    public string? Type { get; set; }
+    [EditorBrowsable(EditorBrowsableState.Never)]
+    [Obsolete($"This property was replaced by {nameof(ClientType)} and will be removed in a future version.", true)]
+    public string? Type
+    {
+        get => ClientType;
+        set => ClientType = value;
+    }
 }
diff --git a/src/OpenIddict.Abstractions/Managers/IOpenIddictApplicationManager.cs b/src/OpenIddict.Abstractions/Managers/IOpenIddictApplicationManager.cs
@@ -130,6 +130,17 @@ IAsyncEnumerable<object> FindByPostLogoutRedirectUriAsync(
     IAsyncEnumerable<object> FindByRedirectUriAsync(
         [StringSyntax(StringSyntaxAttribute.Uri)] string uri, CancellationToken cancellationToken = default);
 
+    /// <summary>
+    /// Retrieves the application type associated with an application.
+    /// </summary>
+    /// <param name="application">The application.</param>
+    /// <param name="cancellationToken">The <see cref="CancellationToken"/> that can be used to abort the operation.</param>
+    /// <returns>
+    /// A <see cref="ValueTask{TResult}"/> that can be used to monitor the asynchronous operation,
+    /// whose result returns the application type of the application (by default, "web").
+    /// </returns>
+    ValueTask<string?> GetApplicationTypeAsync(object application, CancellationToken cancellationToken = default);
+
     /// <summary>
     /// Executes the specified query and returns the first element.
     /// </summary>
@@ -307,6 +318,15 @@ IAsyncEnumerable<object> FindByRedirectUriAsync(
     /// </returns>
     ValueTask<ImmutableArray<string>> GetRequirementsAsync(object application, CancellationToken cancellationToken = default);
 
+    /// <summary>
+    /// Determines whether a given application has the specified application type.
+    /// </summary>
+    /// <param name="application">The application.</param>
+    /// <param name="type">The expected application type.</param>
+    /// <param name="cancellationToken">The <see cref="CancellationToken"/> that can be used to abort the operation.</param>
+    /// <returns><see langword="true"/> if the application has the specified application type, <see langword="false"/> otherwise.</returns>
+    ValueTask<bool> HasApplicationTypeAsync(object application, string type, CancellationToken cancellationToken = default);
+
     /// <summary>
     /// Determines whether a given application has the specified client type.
     /// </summary>

diff --git a/src/OpenIddict.Abstractions/OpenIddictConstants.cs b/src/OpenIddict.Abstractions/OpenIddictConstants.cs
@@ -24,6 +24,12 @@ public static class Algorithms
         public const string RsaSsaPssSha512 = "PS512";
     }
 
+    public static class ApplicationTypes
+    {
+        public const string Native = "native";
+        public const string Web = "web";
+    }
+
     public static class AuthenticationMethodReferences
     {
         public const string Face = "face";

diff --git a/src/OpenIddict.Abstractions/Stores/IOpenIddictApplicationStore.cs b/src/OpenIddict.Abstractions/Stores/IOpenIddictApplicationStore.cs
@@ -95,6 +95,17 @@ IAsyncEnumerable<TApplication> FindByPostLogoutRedirectUriAsync(
     IAsyncEnumerable<TApplication> FindByRedirectUriAsync(
         [StringSyntax(StringSyntaxAttribute.Uri)] string uri, CancellationToken cancellationToken);
 
+    /// <summary>
+    /// Retrieves the application type associated with an application.
+    /// </summary>
+    /// <param name="application">The application.</param>
+    /// <param name="cancellationToken">The <see cref="CancellationToken"/> that can be used to abort the operation.</param>
+    /// <returns>
+    /// A <see cref="ValueTask{TResult}"/> that can be used to monitor the asynchronous operation,
+    /// whose result returns the application type of the application (by default, "web").
+    /// </returns>
+    ValueTask<string?> GetApplicationTypeAsync(TApplication application, CancellationToken cancellationToken);
+
     /// <summary>
     /// Executes the specified query and returns the first element.
     /// </summary>
@@ -277,6 +288,15 @@ IAsyncEnumerable<TResult> ListAsync<TState, TResult>(
         Func<IQueryable<TApplication>, TState, IQueryable<TResult>> query,
         TState state, CancellationToken cancellationToken);
 
+    /// <summary>
+    /// Sets the application type associated with an application.
+    /// </summary>
+    /// <param name="application">The application.</param>
+    /// <param name="type">The application type associated with the application.</param>
+    /// <param name="cancellationToken">The <see cref="CancellationToken"/> that can be used to abort the operation.</param>
+    /// <returns>A <see cref="ValueTask"/> that can be used to monitor the asynchronous operation.</returns>
+    ValueTask SetApplicationTypeAsync(TApplication application, string? type, CancellationToken cancellationToken);
+
     /// <summary>
     /// Sets the client identifier associated with an application.
     /// </summary>