70 lines
2.1 KiB
Markdown
70 lines
2.1 KiB
Markdown
# Task 11: Pre-register Fengling.Console as OAuth Client
|
|
|
|
## Task Description
|
|
|
|
**Files:**
|
|
- Modify: `src/Fengling.AuthService/Data/SeedData.cs`
|
|
|
|
## Implementation Steps
|
|
|
|
### Step 1: Add Fengling.Console registration to SeedData
|
|
|
|
Edit: `src/Fengling.AuthService/Data/SeedData.cs`
|
|
|
|
Add after existing seed data:
|
|
```csharp
|
|
// Register Fengling.Console as OAuth client
|
|
var consoleClient = await context.OAuthApplications
|
|
.FirstOrDefaultAsync(c => c.ClientId == "fengling-console");
|
|
if (consoleClient == null)
|
|
{
|
|
consoleClient = new OAuthApplication
|
|
{
|
|
ClientId = "fengling-console",
|
|
ClientSecret = "console-secret-change-in-production",
|
|
DisplayName = "Fengling 运管中心",
|
|
RedirectUris = new[] { "http://console.fengling.local/auth/callback" },
|
|
PostLogoutRedirectUris = new[] { "http://console.fengling.local/" },
|
|
Scopes = new[] { "api", "offline_access" },
|
|
GrantTypes = new[] { "authorization_code", "refresh_token" },
|
|
ClientType = "confidential",
|
|
ConsentType = "implicit",
|
|
Status = "active",
|
|
CreatedAt = DateTime.UtcNow
|
|
};
|
|
context.OAuthApplications.Add(consoleClient);
|
|
await context.SaveChangesAsync();
|
|
}
|
|
```
|
|
|
|
### Step 2: Commit
|
|
|
|
```bash
|
|
git add src/Fengling.AuthService/Data/SeedData.cs
|
|
git commit -m "feat(auth): pre-register Fengling.Console as OAuth client"
|
|
```
|
|
|
|
## Context
|
|
|
|
This task pre-registers Fengling.Console as an OAuth client in the seed data. This allows the console to use OAuth2 authorization code flow for authentication.
|
|
|
|
**OAuth Client Configuration:**
|
|
- ClientId: `fengling-console`
|
|
- Redirect URI: `http://console.fengling.local/auth/callback`
|
|
- Scopes: `api`, `offline_access`
|
|
- Grant Types: `authorization_code`, `refresh_token`
|
|
|
|
## Verification
|
|
|
|
- [ ] Fengling.Console client added to seed data
|
|
- [ ] Client configured with correct redirect URIs
|
|
- [ ] Client has required scopes and grant types
|
|
- [ ] Build succeeds
|
|
- [ ] Committed to git
|
|
|
|
## Notes
|
|
|
|
- Client secret should be changed in production
|
|
- Redirect URI matches Fengling.Console domain
|
|
- Client will be created on first application startup
|