- Add localhost:5777 callback URIs to fengling-console client - Register OIDC scopes: openid, profile, email - Add support for development environment
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.Extensions.DependencyInjection;
namespace Fengling.AuthService.Configuration;
/// <summary>
/// Dependency-injection wiring for the OpenIddict core, server and validation
/// services used by the auth service, plus the default authentication scheme.
/// </summary>
public static class OpenIddictSetup
{
    /// <summary>
    /// Registers OpenIddict (EF Core stores, optional authorization server, local
    /// validation) and sets the cookie scheme as the default authentication scheme.
    /// </summary>
    /// <param name="services">Service collection that receives the registrations.</param>
    /// <param name="configuration">
    /// Read for the boolean <c>Testing</c> flag (defaults to <c>false</c>) and for
    /// <c>OpenIddict:Issuer</c>.
    /// </param>
    /// <returns>The same <paramref name="services"/> instance, for chaining.</returns>
    public static IServiceCollection AddOpenIddictConfiguration(
        this IServiceCollection services,
        IConfiguration configuration
    )
    {
        // When "Testing" is true the authorization server registration below is skipped.
        var testingMode = configuration.GetValue<bool>("Testing", false);

        // Core services: OpenIddict entities are persisted through ApplicationDbContext.
        var openIddict = services
            .AddOpenIddict()
            .AddCore(core => core.UseEntityFrameworkCore().UseDbContext<Data.ApplicationDbContext>());

        if (!testingMode)
        {
            openIddict.AddServer(server =>
            {
                // NOTE(review): a missing "OpenIddict:Issuer" key silently falls back to the
                // hard-coded host below instead of failing fast; confirm this is intended
                // outside local setups.
                var issuer = configuration["OpenIddict:Issuer"] ?? "https://auth.fengling.local";
                server.SetIssuer(issuer);

                // NOTE(review): development certificates are registered on every non-testing
                // run; no environment check is visible in this method. They are meant for
                // local development only; a deployed instance should load persistent
                // encryption and signing credentials. Confirm how production is configured.
                server.AddDevelopmentEncryptionCertificate();
                server.AddDevelopmentSigningCertificate();

                // Grant types. PKCE is enforced for the authorization code flow.
                // NOTE(review): the password flow hands user credentials to the client and is
                // discouraged by current OAuth 2.0 security guidance; confirm a client still
                // needs it before keeping it enabled.
                server.AllowAuthorizationCodeFlow();
                server.AllowPasswordFlow();
                server.AllowRefreshTokenFlow();
                server.RequireProofKeyForCodeExchange();

                // NOTE(review): no endpoint URIs or ASP.NET Core host integration are set in
                // this block; presumably they are configured elsewhere. Verify.
                server.RegisterScopes(
                    "openid",
                    "profile",
                    "email",
                    "api",
                    "offline_access"
                );
            });
        }

        // Token validation reuses the local server's configuration.
        // NOTE(review): this runs in testing mode too, where no server was registered above;
        // presumably the test host supplies its own setup. Confirm.
        openIddict.AddValidation(validation => validation.UseLocalServer());

        // Only the default scheme name is set here; the cookie handler itself is not
        // registered in this method.
        services.AddAuthentication(auth =>
            auth.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme);

        return services;
    }
}