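// Registers cookie authentication as the default scheme and OpenID Connect as the
// challenge scheme. Authority, ClientId, ClientSecret and IdentityProvider are all
// read from authConfig.
services.AddAuthentication(sharedOptions =>
    {
        sharedOptions.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        sharedOptions.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
    })
    .AddOpenIdConnect(options =>
    {
        options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.Authority = authConfig.GetValue<string>("Authority");

        // SECURITY: with this set to false the discovery document (and the signing keys
        // it points to) may be fetched over plain HTTP, so anyone on the network path can
        // substitute them. Acceptable only against a local development authority; set it
        // to true (the default) for every deployed environment.
        options.RequireHttpsMetadata = false;

        options.ClientId = authConfig.GetValue<string>("ClientId");

        // SECURITY: supply this value from a secret store or environment variable, not
        // from a configuration file that is committed or shared. A client secret that has
        // appeared in a repository or a public paste should be rotated at the provider.
        options.ClientSecret = authConfig.GetValue<string>("ClientSecret");

        // SECURITY: "code id_token token" is the hybrid flow that also returns the access
        // token through the browser. If the application only redeems the code on the
        // server, "code" or "code id_token" keeps the access token off the front channel.
        options.ResponseType = "code id_token token";

        // Tokens are kept in the authentication properties of the sign-in scheme, which
        // here is the cookie: the cookie grows accordingly and carries bearer tokens.
        options.SaveTokens = true;
        options.GetClaimsFromUserInfoEndpoint = false;

        options.TokenValidationParameters = new TokenValidationParameters
        {
            NameClaimType = ClaimTypes.Name,
            RoleClaimType = ClaimTypes.Role
        };

        options.Events = new OpenIdConnectEvents
        {
            // Sends the browser to the application's error page when the remote
            // sign-in fails, instead of surfacing an unhandled exception.
            OnRemoteFailure = context =>
            {
                // The failure text can contain values returned by the identity provider
                // (and therefore characters such as '&', '#', CR/LF), so it is
                // percent-encoded before being placed in the query string.
                // NOTE(review): the /Error page must HTML-encode errormessage when it
                // renders it, and raw exception text is better logged than shown to users.
                var failureText = System.Uri.EscapeDataString(context.Failure?.Message ?? string.Empty);
                context.HttpContext.Response.Redirect($"/Error?RequestId=4000&errormessage={failureText}");
                context.HandleResponse();
                return Task.CompletedTask;
            },

            // Decorates every outgoing request to the identity provider with the
            // configured acr_values and, when available, an id_token_hint.
            OnRedirectToIdentityProvider = context =>
            {
                //TODO: Get IdentityProvider value for Multiple subscribers and not from config
                var idp = authConfig.GetValue<string>("IdentityProvider");
                var acrValues = new List<string>();
                if (!string.IsNullOrWhiteSpace(idp))
                {
                    acrValues.Add($"idp:{idp}");
                }

                if (acrValues.Count > 0)
                {
                    context.ProtocolMessage.AcrValues = string.Join(" ", acrValues);
                }

                //if (context.ProtocolMessage.RequestType != OpenIdConnectRequestType.Logout)
                //{
                //    if (!CurrentEnvironment.IsDevelopment() &&
                //        context.ProtocolMessage.RequestType == OpenIdConnectRequestType.Authentication)
                //    {
                //        // in widget iframe skip prompt login screen
                //        context.ProtocolMessage.Prompt = "none";
                //    }
                //    return Task.FromResult(0);
                //}

                // Presumably the "id_token" claim is added to the principal elsewhere;
                // nothing in this fragment creates it. When present it is attached to
                // every request type, since the request-type check above is commented out.
                var idTokenHint = context.HttpContext.User.FindFirst("id_token");
                if (idTokenHint != null)
                {
                    context.ProtocolMessage.IdTokenHint = idTokenHint.Value;
                }

                return Task.CompletedTask;
            }
            // The paste ends here: the Events initializer and the AddOpenIdConnect call
            // are not closed in the original listing.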
- "ClientName": "SampleApp",
- "ClientId": "sample.app.mvc",
- "Flow": 2,
- "RedirectUris": ["https://localhost:44368/signin-oidc","https://ecare-rooster-test.azurewebsites.net/signin-oidc"],
- "PostLogoutRedirectUris": ["https://localhost:44368/"],
- "PrefixClientClaims": true,
- "RequireConsent": false,
- "AllowedScopes":
- [
- "openid",
- "profile",
- "roles",
- "CustomScope"
- ],
- "Claims": [{
- "Type": "subscriberId",
- "Value": "35621957-cb82-4ecc-bce5-836c707d163c"
- }],
- "ClientSecrets": [{
- "Secret": "tudc73K2y7pnEjT2"
- }],
- "IdentityTokenLifetime": 300,
- "AccessTokenLifetime": 3600,
- "AuthorizationCodeLifetime": 300,
- "EnableLocalLogin": true
- }