This commit is contained in:
Khwezi Mngoma
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"FeatureManagement": {
|
||||
"CategorySeederService": true,
|
||||
"CategorySeederService": false,
|
||||
"CustomerSeederService": false,
|
||||
"ProductsSeederService": false
|
||||
},
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
## Authentik Token Request
|
||||
### Authentik Token Request (Service Account Explicit)
|
||||
POST {{authority}}
|
||||
Content-Type: application/x-www-form-urlencoded
|
||||
Accept-Encoding: identity
|
||||
|
||||
grant_type={{grantType}}&client_id={{clientId}}&client_secret={{clientSecret}}&username={{username}}&password={{password}}&scope={{scope}}
|
||||
grant_type={{grantType}}&client_id={{clientId}}&username={{username}}&password={{password}}&scope={{scope}}
|
||||
|
||||
@@ -4,6 +4,8 @@ public sealed class AuthentikSettings
|
||||
{
|
||||
public string? Authority { get; set; }
|
||||
|
||||
public string? IntrospectionUrl { get; set; }
|
||||
|
||||
public string? ApiResourceName { get; set; }
|
||||
|
||||
public string? ApiResourceSecret { get; set; }
|
||||
|
||||
@@ -22,22 +22,17 @@ public static class Api
|
||||
.AddOAuth2Introspection(OAuth2IntrospectionDefaults.AuthenticationScheme, options =>
|
||||
{
|
||||
options.Authority = authOptions.Authority;
|
||||
options.IntrospectionEndpoint = authOptions.IntrospectionUrl;
|
||||
options.ClientId = authOptions.ApiResourceName;
|
||||
options.ClientSecret = authOptions.ApiResourceSecret;
|
||||
|
||||
options.NameClaimType = "sub";
|
||||
options.DiscoveryPolicy.RequireHttps = authOptions.RequireHttpsMetadata;
|
||||
options.DiscoveryPolicy.ValidateEndpoints = false;
|
||||
options.EnableCaching = false;
|
||||
options.CacheDuration = TimeSpan.FromMinutes(10);
|
||||
});
|
||||
|
||||
if (!string.IsNullOrWhiteSpace(authOptions.RequiredClaimName) && !string.IsNullOrWhiteSpace(authOptions.RequiredClaimNameValue))
|
||||
{
|
||||
services.AddAuthorizationBuilder()
|
||||
.AddPolicy("ApiScope", policy =>
|
||||
policy.RequireClaim(authOptions.RequiredClaimName, authOptions.RequiredClaimNameValue));
|
||||
}
|
||||
else
|
||||
services.AddAuthorization();
|
||||
services.AddAuthorization();
|
||||
|
||||
return services;
|
||||
}
|
||||
|
||||
@@ -4,7 +4,7 @@ namespace LiteCharms.Features.Hasher;
|
||||
|
||||
public sealed partial class HashService(IHashids hasher) : IService
|
||||
{
|
||||
[GeneratedRegex(@"\A\b[0-9a-fA-F]+\b\Z")]
|
||||
[GeneratedRegex(@"\A\b[0-9a-fA-F]+\b\Z", RegexOptions.None, matchTimeoutMilliseconds: 100)]
|
||||
private static partial Regex HexHashRegex { get; }
|
||||
|
||||
[GeneratedRegex(@"\A[0-9a-fA-F]{32}\Z", RegexOptions.None, matchTimeoutMilliseconds: 100)]
|
||||
|
||||
Reference in New Issue
Block a user