diff --git a/src/Api/Program.cs b/src/Api/Program.cs index 0243fb86..f62f202c 100644 --- a/src/Api/Program.cs +++ b/src/Api/Program.cs @@ -45,7 +45,8 @@ internal class Program // this defines a CORS policy called "default" options.AddPolicy("default", policy => { - policy.WithOrigins("https://localhost:5003") + policy.WithOrigins("https://localhost:5003" + ,"http://localhost:5002") .AllowAnyHeader() .AllowAnyMethod(); }); @@ -53,7 +54,7 @@ internal class Program .AddControllersWithViews(); // accepts any access token issued by identity server - var authenticationBuilder = services.AddAuthentication() + var authenticationBuilder = services.AddAuthentication("Bearer") .AddJwtBearer("Bearer", options => { options.IncludeErrorDetails = true; @@ -84,19 +85,18 @@ internal class Program app .UseRouting() .UseAuthentication() - .UseAuthorization().UseCors("default") + .UseAuthorization().UseCors("default") .UseEndpoints(endpoints => { - endpoints.MapDefaultControllerRoute() - .RequireAuthorization(); + endpoints.MapDefaultControllerRoute().RequireAuthorization("ApiScope"); }); - app.MapIdentityApi().RequireAuthorization("ApiScope"); - app.UseSession(); + //app.MapIdentityApi().RequireAuthorization("ApiScope"); + app.MapGet("/identity", (HttpContext context) => + new JsonResult(context?.User?.Claims.Select(c => new { c.Type, c.Value })) + ).RequireAuthorization("ApiScope"); + + // app.UseSession(); await app.RunAsync(); }; - - - - } } diff --git a/src/Yavsc.Server/Config.cs b/src/Yavsc.Server/Config.cs index 9b7091c0..fe0ed6ac 100644 --- a/src/Yavsc.Server/Config.cs +++ b/src/Yavsc.Server/Config.cs @@ -76,7 +76,9 @@ public static class Config RedirectUris = { "https://localhost:5003/signin-oidc", "http://localhost:5002/signin-oidc" }, - PostLogoutRedirectUris = { "https://localhost:5003/signout-callback-oidc" }, + PostLogoutRedirectUris = { + "http://localhost:5002/signout-callback-oidc", + "https://localhost:5003/signout-callback-oidc" }, AllowOfflineAccess = true, 
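Review bot: In the first hunk of src/Api/Program.cs, the `default` CORS policy now hard-codes a second development origin, `http://localhost:5002`, which is cleartext HTTP, next to `AllowAnyHeader()` and `AllowAnyMethod()`. Nothing visible in the hunk limits these localhost origins to development, so the same list would apply wherever the API is deployed. I would read the allowed origins from configuration, or at least state the intent above the call: `// development origins only; production origins come from configuration`. The leading-comma layout of the added line is also unusual for C#; put the comma at the end of the previous line.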
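Review bot: In the third hunk of src/Api/Program.cs, `UseCors("default")` still runs after `UseAuthorization()`. ASP.NET Core's guidance is to place it after `UseRouting()` and before the authentication and authorization middleware; otherwise responses produced by authorization, including those to preflight requests that carry no token, can go out without CORS headers. Since the line is being touched anyway, reorder the chain to `.UseRouting().UseCors("default").UseAuthentication().UseAuthorization()`. The new `/identity` handler returns `new JsonResult(...)`; if that is the MVC `JsonResult`, a minimal-API handler does not execute it as a result but serializes the wrapper object itself, so `Results.Json(context.User.Claims.Select(c => new { c.Type, c.Value }))` is the form to use. The commented-out `MapIdentityApi` and `UseSession` lines should be deleted rather than kept as comments.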
@@ -86,6 +88,10 @@ public static class Config IdentityServerConstants.StandardScopes.Email, IdentityServerConstants.StandardScopes.OfflineAccess, "scope2" } + , + AllowedCorsOrigins=new string[]{"*"}, + AllowRememberConsent=true + }, }; diff --git a/src/Yavsc/Extensions/HostingExtensions.cs b/src/Yavsc/Extensions/HostingExtensions.cs index 67fc960a..7588f950 100644 --- a/src/Yavsc/Extensions/HostingExtensions.cs +++ b/src/Yavsc/Extensions/HostingExtensions.cs @@ -303,14 +303,14 @@ public static class HostingExtensions string? googleClientSecret = configurationRoot["Authentication:Google:ClientSecret"]; var authenticationBuilder = services.AddAuthentication() - .AddJwtBearer("Bearer", options => + .AddJwtBearer("Bearer", options => { options.IncludeErrorDetails = true; options.Authority = "https://localhost:5001"; options.TokenValidationParameters = new() { ValidateAudience = false }; }); - + authenticationBuilder.AddGoogle(options => { options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme; @@ -329,7 +329,9 @@ public static class HostingExtensions .AddInMemoryClients(Config.Clients) .AddInMemoryApiScopes(Config.ApiScopes) .AddAspNetIdentity() - .AddJwtBearerClientAuthentication(); + .AddJwtBearerClientAuthentication() + // .AddProfileService() + ; if (builder.Environment.IsDevelopment()) { identityServerBuilder.AddDeveloperSigningCredential(); diff --git a/src/cli/Startup.cs b/src/cli/Startup.cs index 13639e3d..95f70edc 100644 --- a/src/cli/Startup.cs +++ b/src/cli/Startup.cs @@ -130,7 +130,6 @@ namespace cli { options.ResourcesPath = "Resources"; }); - services.Configure(options => { options.SignInScheme = "Bearer"; @@ -138,7 +137,7 @@ namespace cli services.AddTransient(); - services.AddAuthentication(); + services.AddAuthentication("Bearer"); services.AddSingleton(typeof(IApplicationEnvironment), svs => PlatformServices.Default.Application); services.AddSingleton(typeof(IRuntimeEnvironment), svs => PlatformServices.Default.Runtime); 
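Review bot: `AllowedCorsOrigins=new string[]{"*"}` in the second src/Yavsc.Server/Config.cs hunk should list the client's real origins instead of a wildcard. As far as I know, IdentityServer's default in-memory CORS policy service compares the request origin against this list as exact strings, so `"*"` is probably not honoured as a wildcard and would allow nothing. If a custom CORS policy service does honour it, any web origin could call the server's CORS-enabled endpoints for this client. The origins already used in the redirect URIs shown in the previous hunk are the natural values: `AllowedCorsOrigins = { "https://localhost:5003", "http://localhost:5002" },`. The client definition starts outside the hunk, so its grant types and client id are not visible here.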
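Review bot: `services.AddAuthentication("Bearer")` in the second src/cli/Startup.cs hunk makes `Bearer` the default scheme, but no handler registration for that scheme (an `AddJwtBearer("Bearer", ...)` call, as in the other projects of this commit) is visible in the hunk. If none exists elsewhere in the method, the first authenticate or challenge call fails at run time with a missing-handler error rather than producing a 401. The rest of the method is outside the hunk, so please confirm the registration exists. A short comment would keep the two in step: `// "Bearer" must match the scheme name registered with AddJwtBearer`.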
diff --git a/src/sampleWebAsWebApiClient/Controllers/HomeController.cs b/src/sampleWebAsWebApiClient/Controllers/HomeController.cs index 46ea870b..4dadcc91 100755 --- a/src/sampleWebAsWebApiClient/Controllers/HomeController.cs +++ b/src/sampleWebAsWebApiClient/Controllers/HomeController.cs @@ -44,7 +44,7 @@ namespace testOauthClient.Controllers var client = new HttpClient(); client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken); - var content = await client.GetStringAsync("https://localhost:6001/api/account/me"); + var content = await client.GetStringAsync("https://localhost:6001/identity"); ViewBag.Json = content; return View("json");
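Review bot: `client.GetStringAsync("https://localhost:6001/identity")` throws `HttpRequestException` on any non-success status, so an expired or rejected access token surfaces as an unhandled exception instead of a fresh sign-in or an error view. The API side of this commit puts the `ApiScope` policy on that route, so a 401 or 403 is an expected outcome here. I would switch to `using var response = await client.GetAsync(apiUrl);` followed by a check of `response.IsSuccessStatusCode`, handling 401 explicitly. The URL is also a hard-coded literal, and the bearer token is attached to whatever host that literal names; reading it from configuration avoids sending the token to a stale endpoint. The action starts and ends outside the hunk, so any existing error handling around this call is not visible.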