From e9b7a362e09de2824f9c766f96311a39c8c345e1 Mon Sep 17 00:00:00 2001 From: movingsam Date: Sat, 21 Feb 2026 16:43:26 +0800 Subject: [PATCH] feat[platform]: add fengling-api OAuth client for introspection - Add RegisterApiClientAsync to seed OpenIddict applications - Register fengling-api client for Console backend token introspection - Client secret: fengling-api-secret (Confidential, with Introspection permission) This enables Console backend to validate tokens via introspection endpoint. --- Fengling.Platform.Infrastructure/SeedData.cs | 23 ++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/Fengling.Platform.Infrastructure/SeedData.cs b/Fengling.Platform.Infrastructure/SeedData.cs index 751e14f..ad22840 100644 --- a/Fengling.Platform.Infrastructure/SeedData.cs +++ b/Fengling.Platform.Infrastructure/SeedData.cs @@ -85,6 +85,7 @@ public static class SeedData await RegisterCustomScopesAsync(scopeManager); await RegisterVbenConsoleClientAsync(applicationManager); await RegisterSwaggerClientAsync(applicationManager); + await RegisterApiClientAsync(applicationManager); } private static async Task RegisterCustomScopesAsync(IOpenIddictScopeManager scopeManager) @@ -193,4 +194,26 @@ public static class SeedData } }); } + + private static async Task RegisterApiClientAsync(IOpenIddictApplicationManager applicationManager) + { + var existingClient = await applicationManager.FindByClientIdAsync("fengling-api"); + if (existingClient != null) + { + return; + } + + await applicationManager.CreateAsync(new OpenIddictApplicationDescriptor + { + ClientId = "fengling-api", + ClientSecret = "fengling-api-secret", + DisplayName = "Fengling API (Resource Server)", + ApplicationType = OpenIddictConstants.ApplicationTypes.Web, + ClientType = OpenIddictConstants.ClientTypes.Confidential, + Permissions = + { + OpenIddictConstants.Permissions.Endpoints.Introspection + } + }); + } } \ No newline at end of file