This repository has been archived by the owner on Dec 24, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 19
/
OAuthIntrospectionOptions.cs
95 lines (81 loc) · 4.03 KB
/
OAuthIntrospectionOptions.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
/*
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
* See https://github.com/aspnet-contrib/AspNet.Security.OAuth.Extensions for more information
* concerning the license and the contributors participating to this project.
*/
using System.Collections.Generic;
using System.Net.Http;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.Http.Authentication;
using Microsoft.Extensions.Caching.Distributed;
namespace AspNet.Security.OAuth.Introspection {
public class OAuthIntrospectionOptions : AuthenticationOptions {
public OAuthIntrospectionOptions() {
AuthenticationScheme = OAuthIntrospectionDefaults.AuthenticationScheme;
AutomaticAuthenticate = true;
AutomaticChallenge = true;
}
/// <summary>
/// Gets or sets the intended audiences of this resource server.
/// Setting this property is recommended when the authorization
/// server issues access tokens for multiple distinct resource servers.
/// </summary>
public IList<string> Audiences { get; } = new List<string>();
/// <summary>
/// Gets or sets the base address of the OAuth2/OpenID Connect server.
/// </summary>
public string Authority { get; set; }
/// <summary>
/// Gets or sets the address of the introspection endpoint.
/// </summary>
public string IntrospectionEndpoint { get; set; }
/// <summary>
/// Gets or sets the client identifier representing the resource server.
/// </summary>
public string ClientId { get; set; }
/// <summary>
/// Gets or sets the client secret used to
/// communicate with the introspection endpoint.
/// </summary>
public string ClientSecret { get; set; }
/// <summary>
/// Gets or sets a boolean determining whether the access token should be stored in the
/// <see cref="AuthenticationProperties"/> after a successful authentication process.
/// </summary>
public bool SaveToken { get; set; } = true;
/// <summary>
/// Gets or sets the cache used to store the authentication tickets
/// resolved from the access tokens received by the resource server.
/// </summary>
public IDistributedCache Cache { get; set; }
/// <summary>
/// Gets or sets the object provided by the application to process events raised by the authentication middleware.
/// The application may implement the interface fully, or it may create an instance of
/// <see cref="OAuthIntrospectionEvents"/> and assign delegates only to the events it wants to process.
/// </summary>
public OAuthIntrospectionEvents Events { get; set; } = new OAuthIntrospectionEvents();
/// <summary>
/// Gets or sets the HTTP client used to communicate
/// with the remote OAuth2/OpenID Connect server.
/// </summary>
public HttpClient HttpClient { get; set; } = new HttpClient();
/// <summary>
/// Gets or sets the clock used to determine the current date/time.
/// </summary>
public ISystemClock SystemClock { get; set; } = new SystemClock();
/// <summary>
/// Gets or sets the data format used to serialize and deserialize
/// the authenticated tickets stored in the distributed cache.
/// </summary>
public ISecureDataFormat<AuthenticationTicket> AccessTokenFormat { get; set; }
/// <summary>
/// Gets or sets the data protection provider used to create the default
/// data protectors used by <see cref="OAuthIntrospectionMiddleware"/>.
/// When this property is set to <c>null</c>, the data protection provider
/// is directly retrieved from the dependency injection container.
/// </summary>
public IDataProtectionProvider DataProtectionProvider { get; set; }
}
}