Merge pull request 'Added AddSecurityEndpoints login endpoint' (#89 ) from payments into master

Reviewed-on: #89
Added AddSecurityEndpoints login endpoint
2026-06-07 12:00:50 +02:00 · 2026-06-07 12:00:07 +02:00 · 2026-06-07 11:09:02 +02:00 · 2026-06-07 11:08:05 +02:00 · 2026-06-07 10:33:33 +02:00 · 2026-06-07 10:30:56 +02:00
1 changed files with 6 additions and 13 deletions
@@ -31,9 +31,8 @@ public static class Api

            options.ClientId = authOptions.ClientId;
            options.ClientSecret = authOptions.ClientSecret;
-            options.SignedOutCallbackPath = "/signout-callback-oidc";
-
            options.ResponseType = "code";
+
            options.SaveTokens = true;
            options.GetClaimsFromUserInfoEndpoint = true;

@@ -41,16 +40,10 @@ public static class Api
            options.Scope.Add("openid");
            options.Scope.Add("profile");
            options.Scope.Add("email");
-
-            options.CorrelationCookie.SecurePolicy = CookieSecurePolicy.Always;
-            options.CorrelationCookie.SameSite = SameSiteMode.None;
-            options.CorrelationCookie.HttpOnly = true;
-
-            options.NonceCookie.SecurePolicy = CookieSecurePolicy.Always;
-            options.NonceCookie.SameSite = SameSiteMode.None;
-            options.NonceCookie.HttpOnly = true;
        });

+        services.AddCascadingAuthenticationState();
+
        return services;
    }

@@ -71,7 +64,7 @@ public static class Api
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    ValidIssuer = authOptions.Authority,
-                    ValidateAudience = false,
+                    ValidateAudience = true,
                    ValidateIssuer = true,
                };
            });
@@ -87,7 +80,7 @@ public static class Api
        {
            await context.ChallengeAsync(OpenIdConnectDefaults.AuthenticationScheme, new AuthenticationProperties
            {
-                RedirectUri = redirectUri,                
+                RedirectUri = redirectUri,
            });
        });

@@ -99,7 +92,7 @@ public static class Api

            await context.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme, new AuthenticationProperties
            {
-                RedirectUri = currentBaseUrl
+                RedirectUri = currentBaseUrl,
            });
        });
Author	SHA1	Message	Date
khwezi	4c194c1141	Merge pull request 'Added AddSecurityEndpoints login endpoint' (#89 ) from payments into master Reviewed-on: #89	2026-06-07 12:00:50 +02:00
Khwezi Mngoma	b41136e2c7	Added AddSecurityEndpoints login endpoint continuous-integration/drone/pr Build is passing Details	2026-06-07 12:00:07 +02:00
khwezi	41eb4daeb4	Merge pull request 'Refactored AddSecurityEndpoints' (#88 ) from payments into master Reviewed-on: #88	2026-06-07 11:09:02 +02:00
Khwezi Mngoma	c423f04b42	Refactored AddSecurityEndpoints continuous-integration/drone/pr Build is passing Details	2026-06-07 11:08:05 +02:00
khwezi	7fe5f7aef3	Merge pull request 'Refactored client auth method' (#87 ) from payments into master Reviewed-on: #87	2026-06-07 10:33:33 +02:00
Khwezi Mngoma	a567fc7cd7	Refactored client auth method continuous-integration/drone/pr Build is passing Details	2026-06-07 10:30:56 +02:00
khwezi	31254932ae	Merge pull request 'Enabled api audience verification' (#86 ) from payments into master Reviewed-on: #86	2026-06-06 23:54:13 +02:00
Khwezi Mngoma	c53434a578	Enabled api audience verification continuous-integration/drone/pr Build is passing Details	2026-06-06 23:53:19 +02:00