diff --git a/CSharp/OidcSamples/OidcSamples.AuthorizationServer/Config.cs b/CSharp/OidcSamples/OidcSamples.AuthorizationServer/Config.cs index 0d02b39..e3f180f 100644 --- a/CSharp/OidcSamples/OidcSamples.AuthorizationServer/Config.cs +++ b/CSharp/OidcSamples/OidcSamples.AuthorizationServer/Config.cs @@ -57,7 +57,7 @@ namespace OidcSamples.AuthorizationServer RequireClientSecret = false, RedirectUris = { - "https://localhost:3000/signin-oidc" + "http://localhost:3000/signin-oidc" }, AllowedScopes = { @@ -70,7 +70,7 @@ namespace OidcSamples.AuthorizationServer RequirePkce = true, PostLogoutRedirectUris = { - "https://localhost:3000/signout-callback-oidc" + "http://localhost:3000/signout-callback-oidc" }, RequireConsent = false, @@ -85,7 +85,7 @@ namespace OidcSamples.AuthorizationServer AllowedGrantTypes = GrantTypes.Code, RedirectUris = { - "https://localhost:7001/signin-oidc" + "http://localhost:7000/signin-oidc" }, AllowedScopes = { @@ -102,7 +102,7 @@ namespace OidcSamples.AuthorizationServer RequirePkce = true, PostLogoutRedirectUris = { - "https://localhost:7001/signout-callback-oidc" + "http://localhost:7000/signout-callback-oidc" }, RequireConsent = false, diff --git a/CSharp/OidcSamples/OidcSamples.AuthorizationServer/Properties/launchSettings.json b/CSharp/OidcSamples/OidcSamples.AuthorizationServer/Properties/launchSettings.json index 59dcdbe..49bcd52 100644 --- a/CSharp/OidcSamples/OidcSamples.AuthorizationServer/Properties/launchSettings.json +++ b/CSharp/OidcSamples/OidcSamples.AuthorizationServer/Properties/launchSettings.json @@ -6,7 +6,7 @@ "environmentVariables": { "ASPNETCORE_ENVIRONMENT": "Development" }, - "applicationUrl": "https://localhost:10000" + "applicationUrl": "http://localhost:10000" } } } \ No newline at end of file diff --git a/CSharp/OidcSamples/OidcSamples.AuthorizationServer/Startup.cs b/CSharp/OidcSamples/OidcSamples.AuthorizationServer/Startup.cs index ab808a4..598f498 100644 
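Review bot: All four redirect and post-logout URIs in Config.cs are now hard-coded `http://` literals, so the authorization code for both clients comes back over an unencrypted channel and nothing in the file marks this as a local-only setting. This covers every hunk in this file (`signin-oidc` and `signout-callback-oidc` on ports 3000 and 7000); the first hunk also shows `RequireClientSecret = false`, so that client appears to rely on PKCE alone for its code exchange. Loopback http is tolerable in a sample, but I would load these URIs from per-environment configuration and add a comment such as `// http loopback URIs: local development only; deployed clients must register https redirect URIs`. The client definitions begin and end outside the hunks, so their other settings could not be checked.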
--- a/CSharp/OidcSamples/OidcSamples.AuthorizationServer/Startup.cs +++ b/CSharp/OidcSamples/OidcSamples.AuthorizationServer/Startup.cs @@ -3,8 +3,10 @@ using IdentityServerHost.Quickstart.UI; +using Microsoft.AspNetCore.Authentication.Cookies; using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Hosting; +using Microsoft.AspNetCore.Http; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Hosting; using System.Net; @@ -24,6 +26,7 @@ namespace OidcSamples.AuthorizationServer { services.AddControllersWithViews(); + // Dirty Hack: Disable verifying SSL certificates 😬 ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true; @@ -59,6 +62,11 @@ namespace OidcSamples.AuthorizationServer app.UseDeveloperExceptionPage(); } + app.UseCookiePolicy(new CookiePolicyOptions + { + MinimumSameSitePolicy = SameSiteMode.Lax + }); + app.UseStaticFiles(); app.UseRouting(); diff --git a/CSharp/OidcSamples/OidcSamples.TaxApp/Properties/launchSettings.json b/CSharp/OidcSamples/OidcSamples.TaxApp/Properties/launchSettings.json index 40d3c42..7302866 100644 --- a/CSharp/OidcSamples/OidcSamples.TaxApp/Properties/launchSettings.json +++ b/CSharp/OidcSamples/OidcSamples.TaxApp/Properties/launchSettings.json @@ -20,7 +20,7 @@ "commandName": "Project", "dotnetRunMessages": "true", "launchBrowser": true, - "applicationUrl": "https://localhost:7001;http://localhost:7000", + "applicationUrl": "http://localhost:7000", "environmentVariables": { "ASPNETCORE_ENVIRONMENT": "Development", "ASPNETCORE_HOSTINGSTARTUPASSEMBLIES": "Microsoft.AspNetCore.Mvc.Razor.RuntimeCompilation" diff --git a/CSharp/OidcSamples/OidcSamples.TaxApp/Startup.cs b/CSharp/OidcSamples/OidcSamples.TaxApp/Startup.cs index 263a863..8d20320 100644 --- a/CSharp/OidcSamples/OidcSamples.TaxApp/Startup.cs +++ b/CSharp/OidcSamples/OidcSamples.TaxApp/Startup.cs 
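Review bot: The certificate-validation bypass visible in the `ConfigureServices` hunk (`ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true;`) stays in place although this commit moves every endpoint to http, so it no longer appears to serve any purpose. It is a static, process-wide setting that accepts any server certificate wherever `ServicePointManager` is consulted, and it would silently matter again as soon as an https URL is configured. I would delete both lines in this commit, or at minimum run them only in the development environment; the same callback is visible in the TaxApp `ConfigureServices` hunk. The method body continues outside the hunk.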
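Review bot: `app.UseCookiePolicy(...)` is registered after the closing brace of what looks like the development-only block, so the SameSite override applies in every environment. It seems to be needed only because the sample now runs over http, where browsers reject `SameSite=None` cookies that lack `Secure`. I would say so in a comment, e.g. `// http-only dev workaround: SameSite=None requires Secure; remove when serving over https`, and set `Secure = CookieSecurePolicy.Always` outside development. The same block is added in the TaxApp and TrafficPoliceApi Startup hunks. In TaxApp it also rewrites the OpenID Connect correlation and nonce cookies, which works while every host is `localhost` but would likely break a cross-site `form_post` sign-in if that response mode is in use; the API authenticates with JWT bearer tokens and may not need the middleware at all.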
@@ -8,6 +8,7 @@ using Microsoft.AspNetCore.HttpsPolicy; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Hosting; +using Microsoft.IdentityModel.Logging; using Microsoft.IdentityModel.Protocols.OpenIdConnect; using Microsoft.IdentityModel.Tokens; using Microsoft.Net.Http.Headers; @@ -31,6 +32,8 @@ namespace OidcSamples.TaxApp // This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { + IdentityModelEventSource.ShowPII = true; + // Dirty Hack: Disable verifying SSL certificates 😬 ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true; @@ -48,7 +51,7 @@ namespace OidcSamples.TaxApp .AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, options => { options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme; - options.Authority = "https://localhost:10000/"; + options.Authority = "http://localhost:10000/"; options.ClientId = "tax-asp-net-core-app"; options.ResponseType = OpenIdConnectResponseType.Code; options.UsePkce = true; @@ -64,6 +67,8 @@ namespace OidcSamples.TaxApp options.GetClaimsFromUserInfoEndpoint = true; options.TokenValidationParameters.NameClaimType = "name"; + + options.RequireHttpsMetadata = false; }); services.AddHttpContextAccessor(); 
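Review bot: `IdentityModelEventSource.ShowPII = true;` is set unconditionally at the top of `ConfigureServices`, so IdentityModel log and exception messages will carry unredacted values in every environment, not only during local debugging. It is a static, process-wide switch, so I would assign it the result of a development-environment check and add a comment like `// PII in IdentityModel logs: development diagnostics only`. The rest of `ConfigureServices` and the Startup constructor are outside the hunk, so I could not see whether a hosting-environment object is already available there.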
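Review bot: With `options.Authority` set to `http://localhost:10000/` and `options.RequireHttpsMetadata = false;` added in the following hunk, the discovery document and signing keys are fetched in cleartext, so whoever can alter that traffic controls which keys the app trusts. Both values are hard-coded, which makes it easy for them to survive into a non-local deployment. I would read the authority from configuration and derive the flag from the environment, e.g. `options.RequireHttpsMetadata = !isDevelopment;`, where `isDevelopment` stands for whatever environment check Startup has available. The `AddJwtBearer` hunk in TrafficPoliceApi/Startup.cs makes the same pair of changes.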
@@ -72,14 +77,14 @@ namespace OidcSamples.TaxApp // create an HttpClient used for accessing the API services.AddHttpClient("APIClient", client => { - client.BaseAddress = new Uri("https://localhost:6001/"); + client.BaseAddress = new Uri("http://localhost:6000/"); client.DefaultRequestHeaders.Clear(); client.DefaultRequestHeaders.Add(HeaderNames.Accept, "application/json"); }).AddHttpMessageHandler(); services.AddHttpClient("IDPClient", client => { - client.BaseAddress = new Uri("https://localhost:5003/"); + client.BaseAddress = new Uri("http://localhost:10000/"); client.DefaultRequestHeaders.Clear(); client.DefaultRequestHeaders.Add(HeaderNames.Accept, "application/json"); }); @@ -99,7 +104,11 @@ namespace OidcSamples.TaxApp app.UseHsts(); } - app.UseHttpsRedirection(); + app.UseCookiePolicy(new CookiePolicyOptions + { + MinimumSameSitePolicy = Microsoft.AspNetCore.Http.SameSiteMode.Lax + }); + app.UseStaticFiles(); app.UseRouting(); diff --git a/CSharp/OidcSamples/OidcSamples.TrafficPoliceApi/Properties/launchSettings.json b/CSharp/OidcSamples/OidcSamples.TrafficPoliceApi/Properties/launchSettings.json index 66c2973..952fd18 100644 --- a/CSharp/OidcSamples/OidcSamples.TrafficPoliceApi/Properties/launchSettings.json +++ b/CSharp/OidcSamples/OidcSamples.TrafficPoliceApi/Properties/launchSettings.json @@ -22,7 +22,7 @@ "dotnetRunMessages": "true", "launchBrowser": true, "launchUrl": "swagger", - "applicationUrl": "https://localhost:6001;http://localhost:6000", + "applicationUrl": "http://localhost:6000", "environmentVariables": { "ASPNETCORE_ENVIRONMENT": "Development" } diff --git a/CSharp/OidcSamples/OidcSamples.TrafficPoliceApi/Startup.cs b/CSharp/OidcSamples/OidcSamples.TrafficPoliceApi/Startup.cs index 42014b1..0c0c26c 100644 --- a/CSharp/OidcSamples/OidcSamples.TrafficPoliceApi/Startup.cs +++ b/CSharp/OidcSamples/OidcSamples.TrafficPoliceApi/Startup.cs 
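Review bot: Both named clients now use hard-coded `http://` base addresses, and `APIClient` presumably attaches the user's access token through its `AddHttpMessageHandler` call, so that token would travel in cleartext. The `IDPClient` line also moves the port from 5003 to 10000, which looks like a separate fix worth stating in the commit message. I would take both addresses from configuration, e.g. `client.BaseAddress = new Uri(Configuration["<api-base-address-key>"]);` (placeholder key, assuming Startup exposes the usual `Configuration` property), and keep https as the default outside local development.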
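Review bot: `app.UseHttpsRedirection();` is removed for all environments while `app.UseHsts();` remains in the branch just above it, so a non-development build would still send an HSTS policy but never redirect to https, and per launchSettings.json the app now listens on http only. If the goal is an http-only local sample, I would keep the redirect outside development, e.g. `if (!env.IsDevelopment()) app.UseHttpsRedirection();` (assuming the environment parameter is named `env`), or remove `UseHsts()` too and explain why in a comment. The TrafficPoliceApi `Configure` hunk removes the redirect in the same unconditional way. `Configure` starts outside the hunk, so the surrounding `if`/`else` is inferred from the visible closing brace.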
@@ -80,8 +80,9 @@ namespace OidcSamples.TrafficPoliceApi options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme; }).AddJwtBearer(options => { - options.Authority = "https://localhost:10000"; + options.Authority = "http://localhost:10000"; options.Audience = "traffic-police-api"; + options.RequireHttpsMetadata = false; }); } @@ -95,9 +96,12 @@ namespace OidcSamples.TrafficPoliceApi app.UseSwaggerUI(c => c.SwaggerEndpoint("/swagger/v1/swagger.json", "OidcSamples.TrafficPoliceApi v1")); } - app.UseCors("Default"); + app.UseCookiePolicy(new CookiePolicyOptions + { + MinimumSameSitePolicy = Microsoft.AspNetCore.Http.SameSiteMode.Lax + }); - app.UseHttpsRedirection(); + app.UseCors("Default"); app.UseRouting();