paul/yavsc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Identity Server reference

Browse Source
This commit is contained in:
Paul Schneider
2024-02-14 20:35:15 +00:00
parent 848d1a9ddf
commit 70d24e17d8
5 changed files with 99 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.gitignore vendored
View File

@ -31,7 +31,7 @@ DataProtection/
/src/Yavsc/Temp-*/
/src/Yavsc/*-Avatars/
/src/Yavsc/bower_components/
/src/Yavsc/AppData*/
/src/Yavsc/Data-Dev/
/src/test/testingrepo/
connectionsettings.Development.json
appsettings.Development.json
@ -42,3 +42,4 @@ builds/
/test/yavscTests/test-results.html
/binaries/Debug/yavscd
yavsc-pre

52
src/Yavsc/Config.cs Normal file
View File

@ -0,0 +1,52 @@
using Duende.IdentityServer.Models;
namespace Yavsc;
public static class Config
{
public static IEnumerable<IdentityResource> IdentityResources =>
new IdentityResource[]
{
new IdentityResources.OpenId(),
new IdentityResources.Profile(),
};
public static IEnumerable<ApiScope> ApiScopes =>
new ApiScope[]
{
new ApiScope("scope1"),
new ApiScope("scope2"),
};
public static IEnumerable<Client> Clients =>
new Client[]
{
// m2m client credentials flow client
new Client
{
ClientId = "m2m.client",
ClientName = "Client Credentials Client",
AllowedGrantTypes = GrantTypes.ClientCredentials,
ClientSecrets = { new Secret("511536EF-F270-4058-80CA-1C89C192F69A".Sha256()) },
AllowedScopes = { "scope1" }
},
// interactive client using code flow + pkce
new Client
{
ClientId = "interactive",
ClientSecrets = { new Secret("49C1A7E1-0C79-4A89-A3D6-A37998FB86B0".Sha256()) },
AllowedGrantTypes = GrantTypes.Code,
RedirectUris = { "https://localhost:5001/signin-oidc" },
FrontChannelLogoutUri = "https://localhost:5001/signout-oidc",
PostLogoutRedirectUris = { "https://localhost:5001/signout-callback-oidc" },
AllowOfflineAccess = true,
AllowedScopes = { "openid", "profile", "scope2" }
},
};
}

50
src/Yavsc/Startup/Startup.cs
View File

@ -20,6 +20,7 @@ using Microsoft.AspNetCore.Identity;
using Yavsc.Interface;
using Yavsc.Settings;
using Microsoft.AspNetCore.DataProtection;
using Duende.IdentityServer;
namespace Yavsc
{
@ -93,7 +94,7 @@ namespace Yavsc
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddRazorPages();
IConfigurationSection siteSettings = Configuration.GetSection("Site");
_ = services.Configure<SiteSettings>(siteSettings);
@ -245,7 +246,7 @@ namespace Yavsc
{
options.ResourcesPath = "Resources";
});
var datadi = new DirectoryInfo(Configuration["Keys:Dir"]);
var datadi = new DirectoryInfo(Configuration["Site:DataDir"]);
// Add session related services.
services.AddSession();
services.AddDataProtection().PersistKeysToFileSystem(datadi);
@ -267,19 +268,37 @@ namespace Yavsc
options.AddPolicy("Authenticated", policy => policy.RequireAuthenticatedUser());
});
services.AddAuthentication("Bearer")
.AddJwtBearer("Bearer", options =>
{
options.Authority = siteSettings.GetValue<string>("Authority");
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateAudience = false
};
});
_ = services.AddControllersWithViews()
.AddNewtonsoftJson();
services.AddIdentityServer(options =>
{
options.Events.RaiseErrorEvents = true;
options.Events.RaiseInformationEvents = true;
options.Events.RaiseFailureEvents = true;
options.Events.RaiseSuccessEvents = true;
// see https://docs.duendesoftware.com/identityserver/v6/fundamentals/resources/
options.EmitStaticAudienceClaim = true;
})
.AddInMemoryIdentityResources(Config.IdentityResources)
.AddInMemoryApiScopes(Config.ApiScopes)
.AddInMemoryClients(Config.Clients)
.AddAspNetIdentity<ApplicationUser>();
services.AddAuthentication()
.AddGoogle(options =>
{
options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
// register your IdentityServer with Google at https://console.developers.google.com
// enable the Google+ API
// set the redirect URI to https://localhost:5001/signin-google
options.ClientId = "copy client ID from Google here";
options.ClientSecret = "copy client secret from Google here";
});
}
public static IServiceProvider Services { get; private set; }
@ -383,8 +402,13 @@ Environment.SpecialFolder.LocalApplicationData, Environment.SpecialFolderOption.
app.UseSession();
_ = app.UseStatusCodePages().UseStaticFiles().UseAuthentication();
_ = app.UseMvcWithDefaultRoute();
_ = app.UseStatusCodePages();
app.UseStaticFiles();
app.UseRouting();
app.UseIdentityServer();
app.UseAuthorization();
app.UseMvcWithDefaultRoute();
}

4
src/Yavsc/Yavsc.csproj
View File

@ -9,7 +9,9 @@
<ItemGroup>
<PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="8.0.2" />
<PackageReference Include="Microsoft.AspNetCore.Identity.UI" Version="8.0.2" />
<PackageReference Include="Duende.IdentityServer.AspNetIdentity" Version="7.0.1" />
<PackageReference Include="Microsoft.AspNetCore.Authentication.Google" Version="8.0.2" />
<PackageReference Include="Microsoft.AspNetCore.Identity.UI" Version="8.0.2" />
<PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="8.0.2">
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
<PrivateAssets>all</PrivateAssets>

9
src/Yavsc/appsettings.json
View File

@ -22,11 +22,12 @@
"Name": "[a name for a site admin]",
"EMail": "[an e-mail for a site admin]"
},
"Avatars": "Avatars",
"Avatars": "avatars",
"Quota": 200000000,
"Bills": "Bills",
"Blog": "Blog",
"TempDir": "Temp"
"Bills": "bills",
"Blog": "blog",
"TempDir": "temp",
"DataDir": "data"
},
"Smtp": {
"Host": "[YOURSMTPHOST]",