Compare commits
8 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 khwezi
|
6e580ecdf6 | ||
 Khwezi Mngoma
|
60095057b7 | ||
|
khwezi
|
4c194c1141 | ||
|
Khwezi Mngoma
|
b41136e2c7 | ||
|
khwezi
|
41eb4daeb4 | ||
|
Khwezi Mngoma
|
c423f04b42 | ||
|
khwezi
|
7fe5f7aef3 | ||
|
Khwezi Mngoma
|
a567fc7cd7 |
@@ -10,7 +10,7 @@ public static class Api
|
||||
public const string Books = nameof(Books);
|
||||
public const string Payments = nameof(Payments);
|
||||
|
||||
public static IServiceCollection AddLiteCharmsUiSecurity(this IServiceCollection services, IConfiguration configuration)
|
||||
public static IServiceCollection AddLiteCharmsWebSecurity(this IServiceCollection services, IConfiguration configuration)
|
||||
{
|
||||
var configSection = configuration.GetSection(nameof(LiteCharmsSettings));
|
||||
|
||||
@@ -31,9 +31,8 @@ public static class Api
|
||||
|
||||
options.ClientId = authOptions.ClientId;
|
||||
options.ClientSecret = authOptions.ClientSecret;
|
||||
options.SignedOutCallbackPath = "/signout-callback-oidc";
|
||||
|
||||
options.ResponseType = "code";
|
||||
|
||||
options.SaveTokens = true;
|
||||
options.GetClaimsFromUserInfoEndpoint = true;
|
||||
|
||||
@@ -42,15 +41,27 @@ public static class Api
|
||||
options.Scope.Add("profile");
|
||||
options.Scope.Add("email");
|
||||
|
||||
options.CorrelationCookie.SecurePolicy = CookieSecurePolicy.Always;
|
||||
options.CorrelationCookie.SameSite = SameSiteMode.None;
|
||||
options.CorrelationCookie.HttpOnly = true;
|
||||
options.Events = new OpenIdConnectEvents
|
||||
{
|
||||
OnRedirectToIdentityProviderForSignOut = context =>
|
||||
{
|
||||
var idToken = context.ProtocolMessage.IdTokenHint;
|
||||
|
||||
options.NonceCookie.SecurePolicy = CookieSecurePolicy.Always;
|
||||
options.NonceCookie.SameSite = SameSiteMode.None;
|
||||
options.NonceCookie.HttpOnly = true;
|
||||
if (string.IsNullOrEmpty(idToken))
|
||||
{
|
||||
var tokens = context.Properties.GetTokens();
|
||||
var idTokenItem = tokens.FirstOrDefault(t => string.Equals(t.Name, "id_token", StringComparison.Ordinal));
|
||||
|
||||
if (idTokenItem != null) context.ProtocolMessage.IdTokenHint = idTokenItem.Value;
|
||||
}
|
||||
|
||||
return Task.CompletedTask;
|
||||
},
|
||||
};
|
||||
});
|
||||
|
||||
services.AddCascadingAuthenticationState();
|
||||
|
||||
return services;
|
||||
}
|
||||
|
||||
@@ -87,7 +98,7 @@ public static class Api
|
||||
{
|
||||
await context.ChallengeAsync(OpenIdConnectDefaults.AuthenticationScheme, new AuthenticationProperties
|
||||
{
|
||||
RedirectUri = redirectUri,
|
||||
RedirectUri = redirectUri,
|
||||
});
|
||||
});
|
||||
|
||||
@@ -99,7 +110,7 @@ public static class Api
|
||||
|
||||
await context.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme, new AuthenticationProperties
|
||||
{
|
||||
RedirectUri = currentBaseUrl
|
||||
RedirectUri = currentBaseUrl,
|
||||
});
|
||||
});
|
||||
|
||||
|
||||
Reference in New Issue
Block a user