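/// <summary>
/// Console smoke test for a local IdentityServer instance: requests a token with the
/// resource-owner-password grant, then calls the protected identity API with it.
/// </summary>
/// <remarks>
/// Development harness only. The authority is plain HTTP on localhost, and the client
/// secret and user password are literals that match the server-side test configuration.
/// None of these values should be reused outside a local test setup.
/// </remarks>
public class TestAuthentication : IDisposable
{
    // Single place for the authority so the token request and the API call cannot drift apart.
    private const string Authority = "http://localhost:5000";

    // One client for the lifetime of the test object; disposed in Dispose().
    private readonly HttpClient _client;

    /// <summary>Creates the test harness and the HTTP client it uses for the API call.</summary>
    public TestAuthentication()
    {
        _client = new HttpClient();
    }

    /// <summary>
    /// Requests a token and, if one was issued, calls the identity API with it.
    /// </summary>
    public async Task RunTest()
    {
        var token = await GetToken();
        if (string.IsNullOrWhiteSpace(token))
        {
            return;
        }

        await GetClaims(token);
    }

    /// <summary>
    /// Runs discovery against the authority and requests a token with the
    /// resource-owner-password grant.
    /// </summary>
    /// <returns>The raw token response JSON, or an empty string when any step failed.</returns>
    private async Task<string> GetToken()
    {
        var response = "";

        var disco = await DiscoveryClient.GetAsync(Authority);
        if (disco.IsError)
        {
            // Without a discovery document there is no token endpoint to call.
            Console.Error.WriteLine($"Discovery failed: {disco.Error}");
            return response;
        }

        //var tokenClient = new TokenClient(disco.TokenEndpoint, "EduOne", "secret");
        //var tokenResponse = await tokenClient.RequestClientCredentialsAsync("api");
        var tokenClient = new TokenClient(disco.TokenEndpoint, "ro.client", "secret");

        // The password grant sends the user's credentials through this client.
        var tokenResponse = await tokenClient.RequestResourceOwnerPasswordAsync("alice@mail.com", "Password1!", "api1");
        // var tokenResponse = await tokenClient.RequestResourceOwnerPasswordAsync("alice@mail.com", "Password1!", "openid");

        if (tokenResponse.IsError)
        {
            Console.Out.WriteLine("Error:");
            Console.Out.WriteLine(tokenResponse.Error);
            Console.Out.WriteLine(tokenResponse.ErrorDescription);
        }
        else
        {
            // The userinfo response is not inspected; the call only exercises the endpoint.
            var extraClaims = new UserInfoClient(disco.UserInfoEndpoint);
            await extraClaims.GetAsync(tokenResponse.AccessToken);

            response = tokenResponse.Json.ToString();

            // This prints a live bearer credential. Keep the output out of shared or
            // persisted logs.
            Console.Out.WriteLine($"token: {response}");
        }

        return response;
    }

    /// <summary>
    /// Extracts <c>access_token</c> from the token response JSON and calls the identity API
    /// with it as a bearer token, printing either the status code or the returned JSON array.
    /// </summary>
    /// <param name="token">Raw token response JSON as returned by <see cref="GetToken"/>.</param>
    private async Task GetClaims(string token)
    {
        try
        {
            var accessToken = JObject.Parse(token)["access_token"]?.ToString();
            if (string.IsNullOrWhiteSpace(accessToken))
            {
                // Do not send a request with an empty Authorization header.
                Console.Error.WriteLine("Token response contained no access_token.");
                return;
            }

            // Reuse the existing client instead of allocating (and leaking) a second one.
            _client.SetBearerToken(accessToken);

            using (var response = await _client.GetAsync(Authority + "/api/v1/identity"))
            {
                if (!response.IsSuccessStatusCode)
                {
                    Console.WriteLine(response.StatusCode);
                }
                else
                {
                    var content = await response.Content.ReadAsStringAsync();
                    Console.WriteLine(JArray.Parse(content));
                }
            }
        }
        catch (Exception e)
        {
            // Still best-effort (nothing is rethrown), but the failure is no longer silent.
            Console.Error.WriteLine($"Identity API call failed: {e.Message}");
        }
    }

    /// <summary>Releases the HTTP client and its underlying connections.</summary>
    public void Dispose()
    {
        _client.Dispose();
    }
}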
// Test client for the resource-owner-password grant. With this grant the client
// application handles the user's password itself, so it only fits trusted first-party
// callers. The literal "secret" is a placeholder shared secret for local use.
new Client
{
    ClientId = "ro.client",
    ClientSecrets = { new Secret("secret".Sha256()) },
    AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,

    // Reference tokens are opaque handles, so the API has to ask the identity server
    // to validate them rather than checking a signature locally.
    AccessTokenType = AccessTokenType.Reference,
    AllowedScopes = { "api1" }
},
// In-memory account used by the console test. The password is a fixed literal, so this
// entry belongs only in a development user store.
new TestUser
{
    Username = "alice@mail.com",
    Password = "Password1!",
    SubjectId = "1",

    // NOTE(review): the e-mail claim differs from the username above; confirm this is intended.
    Claims = { new Claim(JwtClaimTypes.Email, "mail@mail.com") }
},
// NOTE(review): "api1" is registered here as an identity resource carrying the e-mail
// claim, while the client requests "api1" as the scope for the API call. No API resource
// definition is visible in this paste; confirm one exists and that its name and secret
// match what the API's token validation is configured with.
new IdentityResource("api1", new[] { JwtClaimTypes.Email })
// Pipeline order is kept exactly as in the original; only the option objects are named.
app.UseIdentityServer();
// app.UseIdentity();

// Access-token validation for API requests. RequireHttpsMetadata = false together with an
// http:// authority means discovery and token validation traffic is unencrypted, which is
// acceptable on localhost only.
var apiTokenOptions = new IdentityServerAuthenticationOptions
{
    Authority = "http://localhost:5000",
    RequireHttpsMetadata = false,
    // NOTE(review): the client on this page is only allowed scope "api1"; confirm that
    // ApiName/ApiSecret match an API resource registered on the identity server.
    ApiName = "FiserOpenIdentityApi",
    ApiSecret = "secret",
    SupportedTokens = IdentityServer4.AccessTokenValidation.SupportedTokens.Both,
    DiscoveryDocumentRefreshInterval = TimeSpan.FromMinutes(5),
    AllowedScopes = { "openid", "profile", "email", "api1", "FiserOpenIdentityApi" }
};
app.UseIdentityServerAuthentication(apiTokenOptions);

// Drop the default inbound claim-type mapping so claim names are not rewritten.
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

var cookieOptions = new CookieAuthenticationOptions
{
    AuthenticationScheme = "Cookies"
};
app.UseCookieAuthentication(cookieOptions);

// Interactive OpenID Connect sign-in, persisted through the "Cookies" scheme.
// NOTE(review): "ro.client" is shown on this page with only the resource-owner-password
// grant; confirm the browser sign-in flow is meant to use the same client registration.
var oidcOptions = new OpenIdConnectOptions
{
    AuthenticationScheme = "oidc",
    SignInScheme = "Cookies",
    Authority = "http://localhost:5000",
    RequireHttpsMetadata = false,
    ClientId = "ro.client",
    ClientSecret = "secret",
    SaveTokens = false
};
app.UseOpenIdConnectAuthentication(oidcOptions);
// app.UseJwtBearerAuthentication();

app.UseMvc(routes =>
{
    routes.MapRoute("default", "{controller=Home}/{action=Index}/{id?}");
    routes.MapRoute("RESTApiV1", "api/v1/{controller}/{action}/{id?}");
});

// NOTE(review): this extension is not shown here. If it registers middleware, it currently
// sits after MVC in the pipeline; confirm the placement is intended.
app.UseMongoDbForIdentityServer();