Compare commits
8 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 khwezi
|
6e580ecdf6 | ||
 Khwezi Mngoma
|
60095057b7 | ||
|
khwezi
|
4c194c1141 | ||
|
Khwezi Mngoma
|
b41136e2c7 | ||
|
khwezi
|
41eb4daeb4 | ||
|
Khwezi Mngoma
|
c423f04b42 | ||
|
khwezi
|
7fe5f7aef3 | ||
|
Khwezi Mngoma
|
a567fc7cd7 |
@@ -10,7 +10,7 @@ public static class Api
|
|||||||
public const string Books = nameof(Books);
|
public const string Books = nameof(Books);
|
||||||
public const string Payments = nameof(Payments);
|
public const string Payments = nameof(Payments);
|
||||||
|
|
||||||
public static IServiceCollection AddLiteCharmsUiSecurity(this IServiceCollection services, IConfiguration configuration)
|
public static IServiceCollection AddLiteCharmsWebSecurity(this IServiceCollection services, IConfiguration configuration)
|
||||||
{
|
{
|
||||||
var configSection = configuration.GetSection(nameof(LiteCharmsSettings));
|
var configSection = configuration.GetSection(nameof(LiteCharmsSettings));
|
||||||
|
|
||||||
@@ -31,9 +31,8 @@ public static class Api
|
|||||||
|
|
||||||
options.ClientId = authOptions.ClientId;
|
options.ClientId = authOptions.ClientId;
|
||||||
options.ClientSecret = authOptions.ClientSecret;
|
options.ClientSecret = authOptions.ClientSecret;
|
||||||
options.SignedOutCallbackPath = "/signout-callback-oidc";
|
|
||||||
|
|
||||||
options.ResponseType = "code";
|
options.ResponseType = "code";
|
||||||
|
|
||||||
options.SaveTokens = true;
|
options.SaveTokens = true;
|
||||||
options.GetClaimsFromUserInfoEndpoint = true;
|
options.GetClaimsFromUserInfoEndpoint = true;
|
||||||
|
|
||||||
@@ -42,15 +41,27 @@ public static class Api
|
|||||||
options.Scope.Add("profile");
|
options.Scope.Add("profile");
|
||||||
options.Scope.Add("email");
|
options.Scope.Add("email");
|
||||||
|
|
||||||
options.CorrelationCookie.SecurePolicy = CookieSecurePolicy.Always;
|
options.Events = new OpenIdConnectEvents
|
||||||
options.CorrelationCookie.SameSite = SameSiteMode.None;
|
{
|
||||||
options.CorrelationCookie.HttpOnly = true;
|
OnRedirectToIdentityProviderForSignOut = context =>
|
||||||
|
{
|
||||||
|
var idToken = context.ProtocolMessage.IdTokenHint;
|
||||||
|
|
||||||
options.NonceCookie.SecurePolicy = CookieSecurePolicy.Always;
|
if (string.IsNullOrEmpty(idToken))
|
||||||
options.NonceCookie.SameSite = SameSiteMode.None;
|
{
|
||||||
options.NonceCookie.HttpOnly = true;
|
var tokens = context.Properties.GetTokens();
|
||||||
|
var idTokenItem = tokens.FirstOrDefault(t => string.Equals(t.Name, "id_token", StringComparison.Ordinal));
|
||||||
|
|
||||||
|
if (idTokenItem != null) context.ProtocolMessage.IdTokenHint = idTokenItem.Value;
|
||||||
|
}
|
||||||
|
|
||||||
|
return Task.CompletedTask;
|
||||||
|
},
|
||||||
|
};
|
||||||
});
|
});
|
||||||
|
|
||||||
|
services.AddCascadingAuthenticationState();
|
||||||
|
|
||||||
return services;
|
return services;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -87,7 +98,7 @@ public static class Api
|
|||||||
{
|
{
|
||||||
await context.ChallengeAsync(OpenIdConnectDefaults.AuthenticationScheme, new AuthenticationProperties
|
await context.ChallengeAsync(OpenIdConnectDefaults.AuthenticationScheme, new AuthenticationProperties
|
||||||
{
|
{
|
||||||
RedirectUri = redirectUri,
|
RedirectUri = redirectUri,
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
@@ -99,7 +110,7 @@ public static class Api
|
|||||||
|
|
||||||
await context.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme, new AuthenticationProperties
|
await context.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme, new AuthenticationProperties
|
||||||
{
|
{
|
||||||
RedirectUri = currentBaseUrl
|
RedirectUri = currentBaseUrl,
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user