WARN BROCKEN

2025-02-15 18:40:46 +00:00
parent 4dd7353235
commit 5b5016fedf
5 changed files with 25 additions and 18 deletions
--- a/src/Api/Program.cs
+++ b/src/Api/Program.cs
@ -45,7 +45,8 @@ internal class Program
                // this defines a CORS policy called "default"
                options.AddPolicy("default", policy =>
                {
-                    policy.WithOrigins("https://localhost:5003")
+                    policy.WithOrigins("https://localhost:5003"
+                    ,"http://localhost:5002")
                        .AllowAnyHeader()
                        .AllowAnyMethod();
                });
@ -53,7 +54,7 @@ internal class Program
            .AddControllersWithViews();

        // accepts any access token issued by identity server
-        var authenticationBuilder = services.AddAuthentication()
+        var authenticationBuilder = services.AddAuthentication("Bearer")
                 .AddJwtBearer("Bearer", options =>
                 {
                     options.IncludeErrorDetails = true;
@ -84,19 +85,18 @@ internal class Program
            app
                .UseRouting()
                .UseAuthentication()
-                .UseAuthorization().UseCors("default")
+               .UseAuthorization().UseCors("default")
                .UseEndpoints(endpoints =>
                {
-                    endpoints.MapDefaultControllerRoute()
-                        .RequireAuthorization();
+                    endpoints.MapDefaultControllerRoute().RequireAuthorization("ApiScope");
                });
-            app.MapIdentityApi<ApplicationUser>().RequireAuthorization("ApiScope");
-            app.UseSession();
+            //app.MapIdentityApi<ApplicationUser>().RequireAuthorization("ApiScope");
+             app.MapGet("/identity", (HttpContext context) =>
+            new JsonResult(context?.User?.Claims.Select(c => new { c.Type, c.Value }))
+        ).RequireAuthorization("ApiScope");
+
+            // app.UseSession();
            await app.RunAsync();
        };
-
-
-
-
    }
 }
--- a/src/Yavsc.Server/Config.cs
+++ b/src/Yavsc.Server/Config.cs
@ -76,7 +76,9 @@ public static class Config

                RedirectUris = { "https://localhost:5003/signin-oidc",
                "http://localhost:5002/signin-oidc"  },
-                PostLogoutRedirectUris = { "https://localhost:5003/signout-callback-oidc" },
+                PostLogoutRedirectUris = { 
+                    "http://localhost:5002/signout-callback-oidc",
+                    "https://localhost:5003/signout-callback-oidc" },

                AllowOfflineAccess = true,

@ -86,6 +88,10 @@ public static class Config
                    IdentityServerConstants.StandardScopes.Email,
                    IdentityServerConstants.StandardScopes.OfflineAccess,
                    "scope2" }
+                    ,
+                AllowedCorsOrigins=new string[]{"*"},
+                AllowRememberConsent=true
+                
            },
        };

--- a/src/Yavsc/Extensions/HostingExtensions.cs
+++ b/src/Yavsc/Extensions/HostingExtensions.cs
@ -303,14 +303,14 @@ public static class HostingExtensions
        string? googleClientSecret = configurationRoot["Authentication:Google:ClientSecret"];
     
        var authenticationBuilder = services.AddAuthentication()
-            .AddJwtBearer("Bearer", options =>
+        .AddJwtBearer("Bearer", options =>
            {
                options.IncludeErrorDetails = true;
                options.Authority = "https://localhost:5001";
                options.TokenValidationParameters =
                    new() { ValidateAudience = false };
            });
-
+            
        authenticationBuilder.AddGoogle(options =>
        {
            options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
@ -329,7 +329,9 @@ public static class HostingExtensions
            .AddInMemoryClients(Config.Clients)
            .AddInMemoryApiScopes(Config.ApiScopes)
            .AddAspNetIdentity<ApplicationUser>()
-            .AddJwtBearerClientAuthentication();
+            .AddJwtBearerClientAuthentication()
+          //  .AddProfileService<ProfileService>()
+            ;
        if (builder.Environment.IsDevelopment())
        {
            identityServerBuilder.AddDeveloperSigningCredential();
--- a/src/cli/Startup.cs
+++ b/src/cli/Startup.cs
@ -130,7 +130,6 @@ namespace cli
            {
                options.ResourcesPath = "Resources";
            });
-
            services.Configure<SharedAuthenticationOptions>(options =>
            {
                options.SignInScheme = "Bearer";
@ -138,7 +137,7 @@ namespace cli

            services.AddTransient<Microsoft.Extensions.WebEncoders.UrlEncoder, UrlEncoder>();

-            services.AddAuthentication();
+            services.AddAuthentication("Bearer");

            services.AddSingleton(typeof(IApplicationEnvironment), svs => PlatformServices.Default.Application);
            services.AddSingleton(typeof(IRuntimeEnvironment), svs => PlatformServices.Default.Runtime);
--- a/src/sampleWebAsWebApiClient/Controllers/HomeController.cs
+++ b/src/sampleWebAsWebApiClient/Controllers/HomeController.cs
@ -44,7 +44,7 @@ namespace testOauthClient.Controllers

            var client = new HttpClient();
            client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
-            var content = await client.GetStringAsync("https://localhost:6001/api/account/me");
+            var content = await client.GetStringAsync("https://localhost:6001/identity");

            ViewBag.Json = content;
            return View("json");