Skip to content

Add ClientResourcePermissionValueProvider implementation #24515

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
maliming wants to merge 16 commits into
base: dev
Choose a base branch
from
Open

Add ClientResourcePermissionValueProvider implementation #24515

maliming wants to merge 16 commits into from
+802 −83

Conversation

@maliming
Copy link
Member

@maliming maliming commented Dec 30, 2025
edited
Loading

Resolve #24296

screenshot-2025-12-8 T30-17-05

Copilot AI review requested due to automatic review settings December 30, 2025 10:56
@maliming maliming added this to the 10.2-preview milestone Dec 30, 2025
Copilot AI reviewed Dec 30, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds a ClientResourcePermissionValueProvider implementation to support client-based resource permissions in ABP applications. The implementation mirrors the existing user/role permission patterns but applies them to OAuth/OIDC clients.

  • Adds client resource permission value provider to check permissions for OAuth clients
  • Implements permission management providers and lookup services for both OpenIddict and IdentityServer modules
  • Adds repository methods to retrieve applications/clients by IDs for efficient lookup

Reviewed changes

Copilot reviewed 72 out of 72 changed files in this pull request and generated 13 comments.

Show a summary per file
File Description
ClientResourcePermissionValueProvider.cs New provider class that checks resource permissions based on client claims
ApplicationResourcePermissionProviderKeyLookupService.cs OpenIddict service for searching and retrieving application keys for permission UI
ApplicationResourcePermissionManagementProvider.cs OpenIddict permission management provider for client-based resource permissions
ApplicationPermissionManagementProvider.cs Added multi-permission check method for batch operations
AbpApplicationFinder.cs New finder service to search OpenIddict applications by filter or IDs
ApplicationFinderResult.cs DTO for application search results
IApplicationFinder.cs Interface defining application search operations
OpenIddict repository files Added GetListByIdsAsync method to retrieve applications by ID array
ClientResourcePermissionProviderKeyLookupService.cs (IdentityServer) IdentityServer service for searching and retrieving client keys for permission UI
ClientResourcePermissionManagementProvider.cs (IdentityServer) IdentityServer permission management provider for client-based resource permissions
ClientPermissionManagementProvider.cs (IdentityServer) Added multi-permission check method for batch operations
ClientFinder.cs New finder service to search IdentityServer clients by filter or IDs
ClientFinderResult.cs DTO for client search results
IClientFinder.cs Interface defining client search operations
IdentityServer repository files Added GetListByIdsAsync method to retrieve clients by ID array
Module configuration files Registered new resource management providers and lookup services
Localization files Added translations for lookup service display names across all supported languages

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@codecov
Copy link

codecov bot commented Dec 30, 2025

Codecov Report

❌ Patch coverage is 4.52489% with 211 lines in your changes missing coverage. Please review.
✅ Project coverage is 50.92%. Comparing base (c1d5856) to head (fdff013).
⚠️ Report is 850 commits behind head on dev.

Files with missing lines Patch % Lines
...rver/ClientResourcePermissionManagementProvider.cs 0.00% 33 Missing ⚠️
...ApplicationResourcePermissionManagementProvider.cs 0.00% 30 Missing ⚠️
...Resources/ClientResourcePermissionValueProvider.cs 0.00% 28 Missing ⚠️
...in/Volo/Abp/IdentityServer/Clients/ClientFinder.cs 0.00% 26 Missing ⚠️
...bp/OpenIddict/Applications/AbpApplicationFinder.cs 0.00% 26 Missing ⚠️
...lientResourcePermissionProviderKeyLookupService.cs 0.00% 22 Missing ⚠️
...ationResourcePermissionProviderKeyLookupService.cs 0.00% 22 Missing ⚠️
...olo/Abp/IdentityServer/Clients/ClientRepository.cs 0.00% 5 Missing ⚠️
...bp/IdentityServer/MongoDB/MongoClientRepository.cs 0.00% 5 Missing ⚠️
...lications/EfCoreOpenIddictApplicationRepository.cs 0.00% 5 Missing ⚠️
... and 3 more
Additional details and impacted files 
@@            Coverage Diff             @@
##              dev   #24515      +/-   ##
==========================================
- Coverage   50.98%   50.92%   -0.06%     
==========================================
  Files        3296     3387      +91     
  Lines      107518   110935    +3417     
  Branches     8255     8433     +178     
==========================================
+ Hits        54817    56494    +1677     
- Misses      51007    52700    +1693     
- Partials     1694     1741      +47

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@maliming maliming requested a review from Copilot December 30, 2025 11:58
Copilot AI reviewed Dec 30, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 73 out of 74 changed files in this pull request and generated 3 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@maliming maliming requested a review from EngincanV December 31, 2025 06:25
@EngincanV EngincanV requested a review from hikalkan December 31, 2025 11:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@EngincanV EngincanV EngincanV approved these changes

@hikalkan hikalkan Awaiting requested review from hikalkan

Assignees

No one assigned

Labels

abp-module-identityserver abp-module-openiddict

Projects

None yet

Milestone

10.2-preview

Development

Successfully merging this pull request may close these issues.

Resource Based Authorization Improvements

3 participants

@maliming @EngincanV