Ticket #920 : IdServerUi templmate can now work with the administration website

Author: habarthierry-hue

Directory.Build.props

@@ -1,6 +1,6 @@
 <Project>
     <PropertyGroup>
-        <VersionPrefix>6.0.4</VersionPrefix>
+        <VersionPrefix>6.0.5</VersionPrefix>
         <Authors>SimpleIdServer</Authors>
         <Owners>SimpleIdServer</Owners>
     </PropertyGroup>

src/IdServer/SimpleIdServer.IdServer.Ui.Startup/Properties/launchSettings.json

@@ -6,7 +6,7 @@
       "environmentVariables": {
         "ASPNETCORE_ENVIRONMENT": "Development"
       },
-      "applicationUrl": "https://localhost:65455;http://localhost:65456"
+      "applicationUrl": "https://localhost:5001"
     }
   }
 }

src/IdServer/SimpleIdServer.IdServer.Website/IdServerWebsiteOptions.cs

@@ -7,10 +7,24 @@ public class IdServerWebsiteOptions
 {
     public string DefaultLanguage { get; set; } = "en";
     public string ScimUrl { get; set; } = "https://localhost:5003";
+    public IdServerWebsiteFeatures Features { get; set; } = new IdServerWebsiteFeatures();
     internal bool IsReamEnabled { get; set; } = false;
     internal string Issuer { get; set; } = "https://localhost:5001";
     internal bool ForceHttps { get; set; } = false;
     internal string ClientId { get; set; }
     internal string ClientSecret { get; set; }
     internal bool IgnoreCertificateError { get; set; }
 }
+
+public class IdServerWebsiteFeatures
+{
+    public bool IsFederationEntitiesEnabled
+    {
+        get; set;
+    } = true;
+
+    public bool IsMigrationsEnabled
+    {
+        get; set;
+    } = true;
+}

src/IdServer/SimpleIdServer.IdServer.Website/Shared/MainLayout.razor

@@ -1,4 +1,5 @@
-@using SimpleIdServer.IdServer.Helpers
+@using Microsoft.Extensions.Options
+@using SimpleIdServer.IdServer.Helpers
 @using SimpleIdServer.IdServer.Website.Infrastructures
 @using SimpleIdServer.IdServer.Website.Stores.AcrsStore;
 @using SimpleIdServer.IdServer.Website.Stores.AuthMethodsStore;
@@ -11,6 +12,7 @@
 @inherits Fluxor.Blazor.Web.Components.FluxorLayout
 @inject IState<RealmsState> state
 @inject IState<LanguagesState> languagesState
+@inject IOptions<IdServerWebsiteOptions> options
 @inject ContextMenuService contextMenuService
 @inject IDispatcher dispatcher
 @inject IUrlHelper urlHelper
@@ -75,10 +77,17 @@
                 </RadzenPanelMenuItem>
                 <RadzenPanelMenuItem Text="@Global.Configure" />
                 <RadzenPanelMenuItem Text="@Global.CertificateAuthoritiesTitle" Icon="shield" Path="@(urlHelper.GetUrl("/certificateauthorities"))" />
-                <RadzenPanelMenuItem Text="@Global.FederationEntitiesTitle" Icon="anchor" Path="@(urlHelper.GetUrl("/federationentities"))" />
+                @if(options.Value.Features.IsFederationEntitiesEnabled)
+                {
+                    <RadzenPanelMenuItem Text="@Global.FederationEntitiesTitle" Icon="anchor" Path="@(urlHelper.GetUrl("/federationentities"))" />
+                }
+
                 <RadzenPanelMenuItem Text="@Global.Auditing" Icon="source" Path="@(urlHelper.GetUrl("/auditing"))" />
                 <RadzenPanelMenuItem Text="@Global.RecurringJobs" Icon="schedule" Path="@(urlHelper.GetUrl("/recurringjobs/list"))" />
-                <RadzenPanelMenuItem Text="@Global.Migrations" Icon="upgrade" Path="@(urlHelper.GetUrl("/migrations"))" />
+                @if(options.Value.Features.IsMigrationsEnabled)
+                {
+                    <RadzenPanelMenuItem Text="@Global.Migrations" Icon="upgrade" Path="@(urlHelper.GetUrl("/migrations"))" />
+                }
             </RadzenPanelMenu>
         </RadzenSidebar>
         <RadzenBody>

src/IdServer/SimpleIdServer.IdServer.Website/WebsiteHttpClientFactory.cs

@@ -81,11 +81,17 @@ private async Task<GetAccessTokenResult> GetAccessToken(string currentRealm = nu
                 accessToken = _accessTokenStore.AccessTokens[realm];
             if (accessToken != null && accessToken.IsValid) return accessToken;
             if (accessToken != null && !accessToken.IsValid) _accessTokenStore.AccessTokens.TryRemove(realm, out GetAccessTokenResult r);
+            var scope = "provisioning users acrs configurations authenticationschemeproviders authenticationmethods registrationworkflows apiresources auditing certificateauthorities clients realms groups scopes workflows forms recurringjobs templates migrations";
+            if (_idServerWebsiteOptions.Features.IsFederationEntitiesEnabled)
+            {
+                scope += " federation_entities";
+            }
+
             var content = new List<KeyValuePair<string, string>>
                 {
                     new KeyValuePair<string, string>("client_id", _idServerWebsiteOptions.ClientId),
                     new KeyValuePair<string, string>("client_secret", _idServerWebsiteOptions.ClientSecret),
-                    new KeyValuePair<string, string>("scope", "provisioning users acrs configurations authenticationschemeproviders authenticationmethods registrationworkflows apiresources auditing certificateauthorities clients realms groups scopes federation_entities workflows forms recurringjobs templates migrations"),
+                    new KeyValuePair<string, string>("scope", scope),
                     new KeyValuePair<string, string>("grant_type", "client_credentials")
                 };
             var url = _idServerWebsiteOptions.Issuer;

src/IdServer/SimpleIdServer.IdServer/Builders/ScopeBuilder.cs

@@ -22,6 +22,7 @@ public static ScopeBuilder CreateApiScope(string name, bool isExposed = false)
                 Id = Guid.NewGuid().ToString(),
                 Name = name, 
                 IsExposedInConfigurationEdp = isExposed,
+                Type = ScopeTypes.APIRESOURCE,
                 Realms = new List<Domains.Realm>
                 {
                     Config.DefaultRealms.Master

src/IdServer/SimpleIdServer.IdServer/DataSeeder/InitUserDataSeeder.cs

@@ -4,6 +4,7 @@
 using DataSeeder;
 using SimpleIdServer.IdServer.Config;
 using SimpleIdServer.IdServer.Stores;
+using System.Collections.Generic;
 using System.Linq;
 using System.Threading;
 using System.Threading.Tasks;
@@ -35,10 +36,21 @@ protected override async Task Execute(CancellationToken cancellationToken)
         using (var transaction = _transactionBuilder.Build())
         {
             var subjects = DefaultUsers.All.Select(u => u.Name).ToList();
-            var existingUsers = await _userRepository.GetUsersBySubjects(subjects, Constants.DefaultRealm, cancellationToken);
+            var existingUsers = await _userRepository.GetUsersBySubjects(
+                subjects,
+                Constants.DefaultRealm,
+                cancellationToken);
             var unknownUsers = DefaultUsers.All.Where(u => !existingUsers.Any(eu => eu.Name == u.Name));
+            var allGroups = await _groupRepository.GetByIds(
+                unknownUsers.SelectMany(u => u.Groups?.Where(g => !string.IsNullOrWhiteSpace(g.GroupsId)).Select(g => g.GroupsId)?.Distinct()?.ToList() ?? new List<string>()).ToList(),
+                cancellationToken);
             foreach (var unknownUser in unknownUsers)
             {
+                foreach (var group in unknownUser.Groups)
+                {
+                    group.Group = allGroups.SingleOrDefault(g => g.Id == group.GroupsId);
+                }
+
                 _userRepository.Add(unknownUser);
             }
 

src/IdServer/SimpleIdServer.IdServer/IdServerBuilder.cs

@@ -139,6 +139,15 @@ public IdServerBuilder AddInMemoryUsers(List<User> users)
         Services.AddTransient<IDataSeeder, InitStaticUsersDataSeeder>();
         return this;
     }
+    /// <summary>
+    /// Adds an in-memory API resources repository using the provided list of API resources.
+    /// </summary>
+    public IdServerBuilder AddInMemoryApiResources(List<ApiResource> apiResources)
+    {
+        Services.AddSingleton(new StaticApiResourcesDataSeeder(apiResources));
+        Services.AddTransient<IDataSeeder, InitStaticApiResourceDataSeeder>();
+        return this;
+    }
 
     /// <summary>
     /// Adds an in-memory language repository using the provided list of languages.

src/IdServer/SimpleIdServer.IdServer/Migrations/Static/InitStaticApiResourceDataSeeder.cs

@@ -0,0 +1,56 @@
+// Copyright (c) SimpleIdServer. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
+using DataSeeder;
+using SimpleIdServer.IdServer.Domains;
+using SimpleIdServer.IdServer.Stores;
+using System.Collections.Generic;
+using System.Threading;
+using System.Threading.Tasks;
+
+namespace SimpleIdServer.IdServer.Migrations.Static;
+
+public class InitStaticApiResourceDataSeeder : BaseAfterDeploymentDataSeeder
+{
+    private readonly IApiResourceRepository _apiResourceRepository;
+    private readonly ITransactionBuilder _transactionBuilder;
+    private readonly StaticApiResourcesDataSeeder _apiResourcesData;
+
+    public InitStaticApiResourceDataSeeder(
+        IApiResourceRepository apiResourceRepository,
+        ITransactionBuilder transactionBuilder,
+        StaticApiResourcesDataSeeder apiResourcesData,
+        IDataSeederExecutionHistoryRepository dataSeederExecutionHistoryRepository
+        ) : base(dataSeederExecutionHistoryRepository)
+    {
+        _apiResourceRepository = apiResourceRepository;
+        _transactionBuilder = transactionBuilder;
+        _apiResourcesData = apiResourcesData;
+    }
+
+    public override string Name => nameof(InitStaticApiResourceDataSeeder);
+
+    protected override async Task Execute(CancellationToken cancellationToken)
+    {
+        using (var transaction = _transactionBuilder.Build())
+        {
+            foreach (var apiResource in _apiResourcesData.ApiResources)
+            {
+                _apiResourceRepository.Add(apiResource);
+            }
+
+            await transaction.Commit(cancellationToken);
+        }
+    }
+}
+public class StaticApiResourcesDataSeeder
+{
+    public StaticApiResourcesDataSeeder(List<ApiResource> apiResources)
+    {
+        ApiResources = apiResources;
+    }
+
+    public List<ApiResource> ApiResources
+    {
+        get; private set;
+    }
+}

src/IdServer/SimpleIdServer.IdServer/UI/CheckSessionController.cs

@@ -140,7 +140,7 @@ public async Task<IActionResult> EndSession([FromRoute] string prefix, Cancellat
                     url = $"/{Config.DefaultEndpoints.EndSessionCallback}?{string.Join("&", Request.Query.Select(q => $"{q.Key}={q.Value}"))}";
                 }
 
-                if (!string.IsNullOrWhiteSpace(prefix))
+                if (!string.IsNullOrWhiteSpace(prefix) && _options.RealmEnabled)
                 {
                     url = $"/{prefix}{url}";
                 }