testoidc
@ -69,7 +69,7 @@
|
|||||||
@foreach (var description in Model.ExternalProviders) {
|
@foreach (var description in Model.ExternalProviders) {
|
||||||
<form action="/signin" method="post">
|
<form action="/signin" method="post">
|
||||||
<input type="hidden" name="Provider" value="@description.AuthenticationScheme" />
|
<input type="hidden" name="Provider" value="@description.AuthenticationScheme" />
|
||||||
<input type="hidden" name="ReturnUrl" value="@Url.Action("ExternalLoginCallback","Account", new { returnUrl = Model.ReturnUrl })" />
|
<input type="hidden" name="ReturnUrl" value="@Model.ReturnUrl" />
|
||||||
<button class="btn btn-lg btn-success" type="submit">@SR["Connect using"] @description.DisplayName</button>
|
<button class="btn btn-lg btn-success" type="submit">@SR["Connect using"] @description.DisplayName</button>
|
||||||
@Html.AntiForgeryToken()
|
@Html.AntiForgeryToken()
|
||||||
</form>
|
</form>
|
||||||
|
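Review bot: The hidden `ReturnUrl` field now carries `@Model.ReturnUrl` verbatim, so the value that comes back in the POST to `/signin` is whatever the client chooses to send. The controller hunk that follows shows only a check for a missing value before it builds the callback URL from `ReturnUrl`; nothing visible confirms the target is local. Unless the callback (outside this diff) already does so, reject non-local values where the form is handled, e.g. `if (!Url.IsLocalUrl(ReturnUrl)) return HttpBadRequest();`.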
@ -108,10 +108,10 @@ namespace Yavsc.Controllers
|
|||||||
_logger.LogWarning("ReturnUrl not specified");
|
_logger.LogWarning("ReturnUrl not specified");
|
||||||
return HttpBadRequest();
|
return HttpBadRequest();
|
||||||
}
|
}
|
||||||
|
var redirectUrl = Url.Action("ExternalLoginCallback", "Account", new { ReturnUrl = ReturnUrl });
|
||||||
return new ChallengeResult(Provider, new AuthenticationProperties {
|
var properties = _signInManager.ConfigureExternalAuthenticationProperties(Provider, redirectUrl);
|
||||||
RedirectUri = Url.Action("ExternalLoginCallback","Account", new {returnUrl= ReturnUrl})
|
// var properties = new AuthenticationProperties{RedirectUri=ReturnUrl};
|
||||||
});
|
return new ChallengeResult(Provider,properties);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
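Review bot: `Provider` is bound from the posted form and handed to `ConfigureExternalAuthenticationProperties` and `ChallengeResult` as-is; the visible part of the action guards only `ReturnUrl`. Checking it against the registered external schemes (the list the login view enumerates as `Model.ExternalProviders`) and returning `HttpBadRequest()` for anything else keeps a crafted post from triggering a challenge on a scheme the login page never offered. The commented-out `// var properties = new AuthenticationProperties{RedirectUri=ReturnUrl};` line should be dropped rather than committed. The action starts above this hunk, so an earlier check may exist that is not visible here.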
@ -181,10 +181,10 @@ namespace Yavsc.Controllers
|
|||||||
|
|
||||||
if (!User.Identities.Any(identity => identity.IsAuthenticated))
|
if (!User.Identities.Any(identity => identity.IsAuthenticated))
|
||||||
{
|
{
|
||||||
return new ChallengeResult(new AuthenticationProperties
|
return new ChallengeResult(new AuthenticationProperties {
|
||||||
{
|
RedirectUri = Url.Action(nameof(Authorize), new {
|
||||||
RedirectUri = Url.Action("ExternalLoginCallback","Account",new {returnUrl=request.BuildRedirectUrl()})
|
unique_id = request.GetUniqueIdentifier()
|
||||||
});
|
})});
|
||||||
}
|
}
|
||||||
// Note: ASOS automatically ensures that an application corresponds to the client_id specified
|
// Note: ASOS automatically ensures that an application corresponds to the client_id specified
|
||||||
// in the authorization request by calling IOpenIdConnectServerProvider.ValidateAuthorizationRequest.
|
// in the authorization request by calling IOpenIdConnectServerProvider.ValidateAuthorizationRequest.
|
||||||
|
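Review bot: The `ChallengeResult` here names no authentication scheme, so which middleware answers depends on the automatic-challenge flags, and the Startup hunks in this commit leave `AutomaticChallenge` enabled on the Google options, the `ServerCookie` cookie and the OpenID Connect server at once. Naming the scheme makes the login redirect deterministic, for example `return new ChallengeResult("ServerCookie", new AuthenticationProperties { ... });`. A short comment saying that `unique_id` is what lets the pending authorization request be picked up again after sign-in would help, if that is the intent. The method begins and ends outside this hunk.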
@ -210,6 +210,7 @@ namespace Yavsc
|
|||||||
option.Cookies.ApplicationCookie.DataProtectionProvider =
|
option.Cookies.ApplicationCookie.DataProtectionProvider =
|
||||||
new MonoDataProtectionProvider(Configuration["Site:Title"]);
|
new MonoDataProtectionProvider(Configuration["Site:Title"]);
|
||||||
option.Cookies.ApplicationCookie.CookieName = "Bearer";
|
option.Cookies.ApplicationCookie.CookieName = "Bearer";
|
||||||
|
|
||||||
}
|
}
|
||||||
).AddEntityFrameworkStores<ApplicationDbContext>()
|
).AddEntityFrameworkStores<ApplicationDbContext>()
|
||||||
.AddTokenProvider<EmailTokenProvider<ApplicationUser>>(Constants.EMailFactor)
|
.AddTokenProvider<EmailTokenProvider<ApplicationUser>>(Constants.EMailFactor)
|
||||||
@ -247,7 +248,7 @@ namespace Yavsc
|
|||||||
|
|
||||||
options.AddPolicy("FrontOffice", policy => policy.RequireRole(Constants.FrontOfficeGroupName));
|
options.AddPolicy("FrontOffice", policy => policy.RequireRole(Constants.FrontOfficeGroupName));
|
||||||
options.AddPolicy("Bearer",new AuthorizationPolicyBuilder()
|
options.AddPolicy("Bearer",new AuthorizationPolicyBuilder()
|
||||||
.AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
|
.AddAuthenticationSchemes("ServerCookie")
|
||||||
.RequireAuthenticatedUser().Build());
|
.RequireAuthenticatedUser().Build());
|
||||||
// options.AddPolicy("EmployeeId", policy => policy.RequireClaim("EmployeeId", "123", "456"));
|
// options.AddPolicy("EmployeeId", policy => policy.RequireClaim("EmployeeId", "123", "456"));
|
||||||
// options.AddPolicy("BuildingEntry", policy => policy.Requirements.Add(new OfficeEntryRequirement()));
|
// options.AddPolicy("BuildingEntry", policy => policy.Requirements.Add(new OfficeEntryRequirement()));
|
||||||
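Review bot: The policy is still called `"Bearer"` but now authenticates with the `"ServerCookie"` scheme instead of `JwtBearerDefaults.AuthenticationScheme`, so anything guarded by it would be authorized by a browser cookie and would presumably stop accepting bearer tokens. Cookie-authenticated endpoints need anti-forgery protection on state-changing requests, which token-only endpoints usually do without; which actions use this policy is not visible here. Either rename the policy to match, or list both schemes if tokens must keep working: `.AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme, "ServerCookie")`. The scheme name is also repeated as a literal in the cookie registration; a shared constant would keep the two in step.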
@ -358,18 +359,13 @@ namespace Yavsc
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
app.UseIISPlatformHandler(
|
|
||||||
options => options.AuthenticationDescriptions.Clear()
|
|
||||||
);
|
|
||||||
|
|
||||||
var googleOptions = new YavscGoogleOptions
|
var googleOptions = new YavscGoogleOptions
|
||||||
{
|
{
|
||||||
ClientId = Configuration["Authentication:Google:ClientId"],
|
ClientId = Configuration["Authentication:Google:ClientId"],
|
||||||
ClientSecret = Configuration["Authentication:Google:ClientSecret"],
|
ClientSecret = Configuration["Authentication:Google:ClientSecret"],
|
||||||
/* AccessType = "offline",
|
AccessType = "offline",
|
||||||
SaveTokensAsClaims = true,
|
SaveTokensAsClaims = true,
|
||||||
UserInformationEndpoint = "https://www.googleapis.com/plus/v1/people/me",*/
|
UserInformationEndpoint = "https://www.googleapis.com/plus/v1/people/me",
|
||||||
AutomaticAuthenticate=true,
|
|
||||||
AutomaticChallenge=true
|
AutomaticChallenge=true
|
||||||
};
|
};
|
||||||
var gvents = new OAuthEvents();
|
var gvents = new OAuthEvents();
|
||||||
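Review bot: Enabling `AccessType = "offline"` together with `SaveTokensAsClaims = true` means Google's access token, and presumably the refresh token, are copied into the user's claims. Claims are normally serialized into the sign-in cookie, so a long-lived credential (the calendar scope is requested further down) would travel with every request and sit wherever claims are persisted. Consider keeping the refresh token in a server-side store and out of the principal, and add a comment stating why offline access is needed. `YavscGoogleOptions` is a project type, so its exact handling of these flags should be confirmed.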
@ -392,6 +388,12 @@ namespace Yavsc
|
|||||||
|
|
||||||
googleOptions.Scope.Add("https://www.googleapis.com/auth/calendar");
|
googleOptions.Scope.Add("https://www.googleapis.com/auth/calendar");
|
||||||
|
|
||||||
|
app.UseIISPlatformHandler(options =>
|
||||||
|
{
|
||||||
|
options.AuthenticationDescriptions.Clear();
|
||||||
|
options.AutomaticAuthentication = true;
|
||||||
|
});
|
||||||
|
|
||||||
app.UseFileServer(new FileServerOptions()
|
app.UseFileServer(new FileServerOptions()
|
||||||
{
|
{
|
||||||
FileProvider = new PhysicalFileProvider(
|
FileProvider = new PhysicalFileProvider(
|
||||||
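Review bot: `options.AuthenticationDescriptions.Clear()` hides the IIS schemes from the provider list, but `options.AutomaticAuthentication = true` still lets an identity forwarded by the platform handler populate `User`. The authorize action elsewhere in this commit treats any authenticated identity in `User.Identities` as signed in, so if a host-supplied identity is not meant to count, use `options.AutomaticAuthentication = false;`. A one-line comment explaining why the call moved below the Google options would also help the next reader.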
@ -406,7 +408,30 @@ namespace Yavsc
|
|||||||
EnableDirectoryBrowsing = false
|
EnableDirectoryBrowsing = false
|
||||||
});
|
});
|
||||||
app.UseStaticFiles().UseWebSockets();
|
app.UseStaticFiles().UseWebSockets();
|
||||||
|
|
||||||
app.UseIdentity();
|
app.UseIdentity();
|
||||||
|
|
||||||
|
app.UseCookieAuthentication(options =>
|
||||||
|
{
|
||||||
|
options.AutomaticAuthenticate = true;
|
||||||
|
options.AutomaticChallenge = true;
|
||||||
|
options.AuthenticationScheme = "ServerCookie";
|
||||||
|
options.ExpireTimeSpan = TimeSpan.FromMinutes(5);
|
||||||
|
options.LoginPath = new PathString("/signin");
|
||||||
|
options.LogoutPath = new PathString("/signout");
|
||||||
|
// options.CookieName = "Bearer";
|
||||||
|
});
|
||||||
|
|
||||||
|
app.UseMiddleware<Yavsc.Auth.GoogleMiddleware>(googleOptions);
|
||||||
|
|
||||||
|
// Facebook
|
||||||
|
app.UseFacebookAuthentication(options =>
|
||||||
|
{
|
||||||
|
options.AppId = Configuration["Authentication:Facebook:AppId"];
|
||||||
|
options.AppSecret = Configuration["Authentication:Facebook:AppSecret"];
|
||||||
|
options.Scope.Add("email");
|
||||||
|
options.UserInformationEndpoint = "https://graph.facebook.com/v2.5/me?fields=id,name,email,first_name,last_name";
|
||||||
|
});
|
||||||
app.UseOpenIdConnectServer(options =>
|
app.UseOpenIdConnectServer(options =>
|
||||||
{
|
{
|
||||||
options.Provider = new AuthorizationProvider(loggerFactory,
|
options.Provider = new AuthorizationProvider(loggerFactory,
|
||||||
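Review bot: The relocated `ServerCookie` registration sets lifetime and paths but no secure-cookie option, and the OpenID Connect server options in the next hunk keep `AllowInsecureHttp = true`; over plain HTTP the session cookie and the authorization responses are exposed in transit. Restrict `AllowInsecureHttp` to development and mark the cookie secure-only for deployed environments. The reason these middlewares now have to be registered before `UseOpenIdConnectServer` deserves a comment, and the commented-out `// options.CookieName = "Bearer";` should be removed rather than committed.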
@ -424,6 +449,8 @@ namespace Yavsc
|
|||||||
options.ApplicationCanDisplayErrors = true;
|
options.ApplicationCanDisplayErrors = true;
|
||||||
options.AllowInsecureHttp = true;
|
options.AllowInsecureHttp = true;
|
||||||
options.AutomaticChallenge = true;
|
options.AutomaticChallenge = true;
|
||||||
|
// options.AutomaticAuthenticate=true;
|
||||||
|
|
||||||
|
|
||||||
options.AuthorizationEndpointPath = new PathString("/connect/authorize");
|
options.AuthorizationEndpointPath = new PathString("/connect/authorize");
|
||||||
options.TokenEndpointPath = new PathString("/connect/authorize/accept");
|
options.TokenEndpointPath = new PathString("/connect/authorize/accept");
|
||||||
@ -434,30 +461,6 @@ namespace Yavsc
|
|||||||
|
|
||||||
// options.ValidationEndpointPath = new PathString("/connect/introspect");
|
// options.ValidationEndpointPath = new PathString("/connect/introspect");
|
||||||
}); /**/
|
}); /**/
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
app.UseCookieAuthentication(options =>
|
|
||||||
{
|
|
||||||
options.AutomaticAuthenticate = true;
|
|
||||||
options.AutomaticChallenge = true;
|
|
||||||
options.AuthenticationScheme = "ServerCookie";
|
|
||||||
options.ExpireTimeSpan = TimeSpan.FromMinutes(5);
|
|
||||||
options.LoginPath = new PathString("/signin");
|
|
||||||
options.LogoutPath = new PathString("/signout");
|
|
||||||
});
|
|
||||||
|
|
||||||
app.UseMiddleware<Yavsc.Auth.GoogleMiddleware>(googleOptions);
|
|
||||||
|
|
||||||
// Facebook
|
|
||||||
app.UseFacebookAuthentication(options =>
|
|
||||||
{
|
|
||||||
options.AppId = Configuration["Authentication:Facebook:AppId"];
|
|
||||||
options.AppSecret = Configuration["Authentication:Facebook:AppSecret"];
|
|
||||||
options.Scope.Add("email");
|
|
||||||
options.UserInformationEndpoint = "https://graph.facebook.com/v2.5/me?fields=id,name,email,first_name,last_name";
|
|
||||||
});
|
|
||||||
|
|
||||||
app.UseRequestLocalization(localizationOptions.Value, (RequestCulture)new RequestCulture((string)"fr"));
|
app.UseRequestLocalization(localizationOptions.Value, (RequestCulture)new RequestCulture((string)"fr"));
|
||||||
|
|
||||||
/* Generic OAuth (here GitHub): options.Notifications = new OAuthAuthenticationNotifications
|
/* Generic OAuth (here GitHub): options.Notifications = new OAuthAuthenticationNotifications
|
||||||
|