mirror of
https://github.com/ditkrg/AuthorizationServerDemos.git
synced 2026-01-23 22:56:56 +00:00
118 lines
4.3 KiB
C#
118 lines
4.3 KiB
C#
using Microsoft.AspNetCore.Authentication;
|
|
using Microsoft.AspNetCore.Authentication.Cookies;
|
|
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
|
|
using Microsoft.AspNetCore.Authorization;
|
|
using Microsoft.AspNetCore.Builder;
|
|
using Microsoft.AspNetCore.Hosting;
|
|
using Microsoft.AspNetCore.HttpsPolicy;
|
|
using Microsoft.Extensions.Configuration;
|
|
using Microsoft.Extensions.DependencyInjection;
|
|
using Microsoft.Extensions.Hosting;
|
|
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
|
|
using Microsoft.IdentityModel.Tokens;
|
|
using Microsoft.Net.Http.Headers;
|
|
using System;
|
|
using System.Collections.Generic;
|
|
using System.Linq;
|
|
using System.Net;
|
|
using System.Threading.Tasks;
|
|
|
|
namespace OidcSamples.TaxApp
|
|
{
|
|
public class Startup
|
|
{
|
|
public Startup(IConfiguration configuration)
|
|
{
|
|
Configuration = configuration;
|
|
}
|
|
|
|
public IConfiguration Configuration { get; }
|
|
|
|
// This method gets called by the runtime. Use this method to add services to the container.
|
|
public void ConfigureServices(IServiceCollection services)
|
|
{
|
|
// Dirty Hack: Disable verifying SSL certificates 😬
|
|
ServicePointManager.ServerCertificateValidationCallback +=
|
|
(sender, cert, chain, sslPolicyErrors) => true;
|
|
|
|
services.AddRazorPages();
|
|
|
|
services.AddControllersWithViews();
|
|
|
|
services.AddAuthentication(options =>
|
|
{
|
|
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
|
|
options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
|
|
})
|
|
.AddCookie(CookieAuthenticationDefaults.AuthenticationScheme)
|
|
.AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, options =>
|
|
{
|
|
options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
|
|
options.Authority = "https://localhost:10000/";
|
|
options.ClientId = "tax-asp-net-core-app";
|
|
options.ResponseType = OpenIdConnectResponseType.Code;
|
|
options.UsePkce = true;
|
|
|
|
options.Scope.Add("traffic-police-api");
|
|
options.Scope.Add("offline_access");
|
|
options.Scope.Add("profile");
|
|
options.Scope.Add("email");
|
|
|
|
options.SaveTokens = true;
|
|
options.ClientSecret = "secret";
|
|
|
|
options.GetClaimsFromUserInfoEndpoint = true;
|
|
|
|
options.TokenValidationParameters.NameClaimType = "name";
|
|
});
|
|
|
|
services.AddHttpContextAccessor();
|
|
services.AddTransient<BearerTokenHandler>();
|
|
|
|
// create an HttpClient used for accessing the API
|
|
services.AddHttpClient("APIClient", client =>
|
|
{
|
|
client.BaseAddress = new Uri("https://localhost:6001/");
|
|
client.DefaultRequestHeaders.Clear();
|
|
client.DefaultRequestHeaders.Add(HeaderNames.Accept, "application/json");
|
|
}).AddHttpMessageHandler<BearerTokenHandler>();
|
|
|
|
services.AddHttpClient("IDPClient", client =>
|
|
{
|
|
client.BaseAddress = new Uri("https://localhost:5003/");
|
|
client.DefaultRequestHeaders.Clear();
|
|
client.DefaultRequestHeaders.Add(HeaderNames.Accept, "application/json");
|
|
});
|
|
}
|
|
|
|
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
|
|
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
|
|
{
|
|
if (env.IsDevelopment())
|
|
{
|
|
app.UseDeveloperExceptionPage();
|
|
}
|
|
else
|
|
{
|
|
app.UseExceptionHandler("/Error");
|
|
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
|
|
app.UseHsts();
|
|
}
|
|
|
|
app.UseHttpsRedirection();
|
|
app.UseStaticFiles();
|
|
|
|
app.UseRouting();
|
|
|
|
app.UseAuthentication();
|
|
app.UseAuthorization();
|
|
|
|
app.UseEndpoints(endpoints =>
|
|
{
|
|
endpoints.MapRazorPages();
|
|
endpoints.MapControllers();
|
|
});
|
|
}
|
|
}
|
|
}
|