[TeamHub] Initial configuration for IdentityServer
1 parent
f03c1cb
commit 30f40db
Showing
13 changed files
with
238 additions
and
66 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
using IdentityModel.Client; | ||
using Microsoft.AspNetCore.Authorization; | ||
|
||
namespace TeamHub.API.Controllers | ||
{ | ||
public static class IdentityController | ||
{ | ||
public static void MapIdentityControllerEndpoints(this WebApplication app) | ||
{ | ||
//All | ||
app.MapGet("/token", [AllowAnonymous] async () => | ||
{ | ||
// discover endpoints from metadata | ||
var client = new HttpClient(); | ||
var disco = await client.GetDiscoveryDocumentAsync("https://localhost:5001"); | ||
//if (disco.IsError) | ||
//{ | ||
// Console.WriteLine(disco.Error); | ||
// return; | ||
//} | ||
// request token | ||
var tokenResponse = await client.RequestClientCredentialsTokenAsync(new ClientCredentialsTokenRequest | ||
{ | ||
Address = disco.TokenEndpoint, | ||
ClientId = "client", | ||
ClientSecret = "secret", | ||
Scope = "api1" | ||
}); | ||
//if (tokenResponse.IsError) | ||
//{ | ||
// Console.WriteLine(tokenResponse.Error); | ||
// return; | ||
//} | ||
return tokenResponse.AccessToken; | ||
}).RequireCors("MyAllowSpecificOrigins"); | ||
|
||
|
||
|
||
} | ||
} | ||
} |
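Review bot: The `/token` route is `[AllowAnonymous]` and returns an access token obtained with the API's own client credentials, so any caller that can reach it gets a token for scope `api1` without authenticating. If it is only a development aid, map it under `if (app.Environment.IsDevelopment())`; otherwise remove it or put it behind authorization. The literals `ClientId = "client"` / `ClientSecret = "secret"` are committed in source here and again in the IdentityServer `Config.Clients` section (`new Secret("secret".Sha256())`); both sides should read the value from configuration or a secret store, e.g. `ClientSecret = app.Configuration["<client-secret-key>"]` (placeholder key). With both `IsError` checks commented out, a failed discovery passes a null `disco.TokenEndpoint` into the token request and the handler answers with a null token instead of an error, so restore them as `if (disco.IsError) return Results.Problem(disco.Error);` and return `Results.Ok(tokenResponse.AccessToken)` on success. The per-request `new HttpClient()` should come from an injected `IHttpClientFactory`.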
This file was deleted.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
using System.Security.Cryptography.X509Certificates; | ||
|
||
namespace TeamHub.Core | ||
{ | ||
public static class Security | ||
{ | ||
public static X509Certificate2 LoadCertificate() | ||
{ | ||
X509Store store = new X509Store(StoreName.Root, StoreLocation.LocalMachine); | ||
store.Open(OpenFlags.MaxAllowed); | ||
X509Certificate2 cert = store.Certificates.Cast<X509Certificate2>().FirstOrDefault(c => c.Subject == "CN=localhost"); | ||
store.Close(); | ||
return cert; | ||
} | ||
} | ||
} |
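Review bot: `LoadCertificate` reads from `StoreName.Root`, the machine's trusted-root store, and opens it with `OpenFlags.MaxAllowed`; a certificate the service itself presents or signs with (the caller is not visible here) normally lives in `StoreName.My`, and a lookup needs only `OpenFlags.ReadOnly`. Matching on `c.Subject == "CN=localhost"` takes the first certificate with that exact subject string whether or not it is still valid, and `FirstOrDefault` hands `null` back to the caller when nothing matches. The store is also left open if enumeration throws. A version that disposes the store, filters to valid certificates and fails loudly is sketched below; confirm which store the certificate is actually installed in before switching.

```csharp
public static X509Certificate2 LoadCertificate()
{
    // Personal store, read-only: the Root store holds trust anchors, not service certificates.
    using var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
    store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);

    // validOnly: true skips expired or untrusted certificates.
    var matches = store.Certificates.Find(
        X509FindType.FindBySubjectDistinguishedName, "CN=localhost", validOnly: true);

    return matches.Count == 1
        ? matches[0]
        : throw new InvalidOperationException(
            $"Expected exactly one valid CN=localhost certificate, found {matches.Count}.");
}
```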
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,21 +1,33 @@ | ||
using Duende.IdentityServer.Models; | ||
|
||
namespace TeamHub.Identity | ||
namespace IdentityServer; | ||
|
||
public static class Config | ||
{ | ||
public static class Config | ||
{ | ||
public static IEnumerable<IdentityResource> IdentityResources => | ||
new IdentityResource[] | ||
public static IEnumerable<ApiScope> ApiScopes => | ||
new List<ApiScope> | ||
{ | ||
new ApiScope("api1", "My API") | ||
}; | ||
|
||
public static IEnumerable<Client> Clients => | ||
new List<Client> | ||
{ | ||
new Client | ||
{ | ||
new IdentityResources.OpenId() | ||
}; | ||
ClientId = "client", | ||
|
||
// no interactive user, use the clientid/secret for authentication | ||
AllowedGrantTypes = GrantTypes.ClientCredentials, | ||
|
||
public static IEnumerable<ApiScope> ApiScopes => | ||
new ApiScope[] | ||
{ }; | ||
// secret for authentication | ||
ClientSecrets = | ||
{ | ||
new Secret("secret".Sha256()) | ||
}, | ||
|
||
public static IEnumerable<Client> Clients => | ||
new Client[] | ||
{ }; | ||
} | ||
// scopes that client has access to | ||
AllowedScopes = { "api1" } | ||
} | ||
}; | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,13 +1,24 @@ | ||
{ | ||
"Serilog": { | ||
"MinimumLevel": { | ||
"Default": "Debug", | ||
"Override": { | ||
"Microsoft": "Warning", | ||
"Microsoft.Hosting.Lifetime": "Information", | ||
"Microsoft.AspNetCore.Authentication": "Debug", | ||
"System": "Warning" | ||
} | ||
"Serilog": { | ||
"MinimumLevel": { | ||
"Default": "Debug", | ||
"Override": { | ||
"Microsoft": "Warning", | ||
"Microsoft.Hosting.Lifetime": "Information", | ||
"Microsoft.AspNetCore.Authentication": "Debug", | ||
"System": "Warning" | ||
} | ||
} | ||
}, | ||
"Kestrel": { | ||
"Endpoints": { | ||
"HttpsInlineCertAndKeyFile": { | ||
"Url": "https://localhost:5001", | ||
"Certificate": { | ||
"Path": "C:\\GitHub\\Workbench\\Misc\\SSL\\localhost.crt", | ||
"KeyPath": "C:\\GitHub\\Workbench\\Misc\\SSL\\localhost.key" | ||
} | ||
} | ||
} | ||
} | ||
} |
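Review bot: The new `Kestrel.Endpoints.HttpsInlineCertAndKeyFile.Certificate` block hard-codes absolute paths from one developer's machine (`C:\\GitHub\\Workbench\\Misc\\SSL\\localhost.crt` and `localhost.key`), so the host will fail to bind HTTPS anywhere else and the location of the private key file is now part of the committed configuration. Move this block to an environment-specific settings file or supply it through environment variables (`Kestrel__Endpoints__HttpsInlineCertAndKeyFile__Certificate__Path` and `...__KeyPath`), and make sure the `.key` file itself stays out of the repository with restrictive file permissions. The URL `https://localhost:5001` is also repeated as a literal in the `/token` handler's discovery call, so the two will drift unless the authority is read from one setting. Separately, `"Default": "Debug"` and `"Microsoft.AspNetCore.Authentication": "Debug"` are fine for local work but worth overriding outside development, since verbose authentication logs can carry token and claim details.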