litecharms/components
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 114 Wiki Activity

Added UI security
continuous-integration/drone/pr Build is passing
Details

Browse Source
This commit is contained in:
Khwezi Mngoma
2026-06-04 14:08:27 +02:00
parent eef1096ec5
commit 5666ffd474
3 changed files with 43 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
LiteCharms.Features/Api/Configuration/AuthentikSettings.cs
+2 -2
View File
@@ -6,9 +6,9 @@ public sealed class AuthentikSettings
public string? IntrospectionUrl { get; set; }
public string? ApiResourceName { get; set; }
public string? ClientId { get; set; }
public string? ApiResourceSecret { get; set; }
public string? ClientSecret { get; set; }
public string? RequiredClaimName { get; set; }
LiteCharms.Features/Extensions/Api.cs
+39 -5
View File
@@ -9,7 +9,42 @@ public static class Api
public const string Books = nameof(Books);
public const string Payments = nameof(Payments);
public static IServiceCollection AddAuthentic(this IServiceCollection services, IConfiguration configuration)
public static IServiceCollection AddAuthentikUiSecurity(this IServiceCollection services, IConfiguration configuration)
{
var configSection = configuration.GetSection(nameof(AuthentikSettings));
var authOptions = new AuthentikSettings();
configSection.Bind(authOptions);
services.Configure<AuthentikSettings>(configSection);
services.AddAuthentication(options =>
{
options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie(CookieAuthenticationDefaults.AuthenticationScheme)
.AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, options =>
{
options.Authority = authOptions.Authority;
options.ClientId = authOptions.ClientId;
options.ClientSecret = authOptions.ClientSecret;
options.ResponseType = "code";
options.SaveTokens = true;
options.GetClaimsFromUserInfoEndpoint = true;
options.Scope.Clear();
options.Scope.Add("openid");
options.Scope.Add("profile");
options.Scope.Add("email");
});
return services;
}
public static IServiceCollection AddAuthentikApiSecurity(this IServiceCollection services, IConfiguration configuration)
{
var configSection = configuration.GetSection(nameof(AuthentikSettings));
@@ -23,13 +58,13 @@ public static class Api
{
options.Authority = authOptions.Authority;
options.IntrospectionEndpoint = authOptions.IntrospectionUrl;
options.ClientId = authOptions.ApiResourceName;
options.ClientSecret = authOptions.ApiResourceSecret;
options.ClientId = authOptions.ClientId;
options.ClientSecret = authOptions.ClientSecret;
options.NameClaimType = "sub";
options.DiscoveryPolicy.RequireHttps = authOptions.RequireHttpsMetadata;
options.DiscoveryPolicy.ValidateEndpoints = false;
options.EnableCaching = false;
options.EnableCaching = false;
});
if (!string.IsNullOrWhiteSpace(authOptions.RequiredClaimName) && !string.IsNullOrWhiteSpace(authOptions.RequiredClaimNameValue))
@@ -131,5 +166,4 @@ public static class Api
public static string ToEndpointName(this Type target, string? annotation = "") =>
$"{target.Name.Replace("Endpoint", string.Empty)}{annotation}".ToLower(CultureInfo.CurrentCulture);
}
LiteCharms.Features/LiteCharms.Features.csproj
+2
View File
@@ -38,6 +38,8 @@
<PackageReference Include="Microsoft.AspNetCore.Authentication.Certificate" Version="10.0.8" />
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="10.0.8" />
<Using Include="Microsoft.AspNetCore.Authentication.OpenIdConnect"/>
<Using Include="Microsoft.AspNetCore.Authentication.Cookies"/>
<Using Include="IdentityModel.AspNetCore.OAuth2Introspection"/>
</ItemGroup>