public static AuthenticationBuilder AddCreyClientAuthenticationAndAuthorization(
this IServiceCollection collectionBuilder,
IConfiguration configuration,
SessionCookieOptions sessionCookieOptions = null,
params string[] additionalSchemes)
{
var authenticationBuilder = collectionBuilder
.AddSingleton <IAuthorizationHandler, RoleAuthorizationRequirementHandler>()
.AddAuthorization(options =>
{
options.AddCreyAuthorization(configuration, additionalSchemes);
options.DefaultPolicy = options.GetPolicy(CreyAuthorizationDefaults.CreyUser);
})
.AddAuthentication()
.AddSessionCookieAuthentication(configuration, (sessionCookieOptions == null)
? new SessionCookieOptions(configuration)
: sessionCookieOptions);
return(authenticationBuilder);
}
public static AuthenticationBuilder AddSessionCookieAuthentication(
this AuthenticationBuilder authenticationBuilder,
IConfiguration configuration,
SessionCookieOptions sessionCookieOptions)
{
return(authenticationBuilder.AddCookie(SessionCookieAuthenticationDefaults.AuthenticationScheme, options =>
{
options.Cookie.Name = configuration.GetSessionCookieName();
options.Cookie.Domain = configuration.GetCookieDomain();
options.Cookie.HttpOnly = false;
options.Cookie.SameSite = SameSiteMode.None;
options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
options.ExpireTimeSpan = TimeSpan.FromDays(365); // TODO: remove when cookie refresh is implemented
options.SlidingExpiration = false;
options.Events = sessionCookieOptions.CookieAuthenticationEvents;
options.TicketDataFormat = new SessionCookieDataFormat(configuration, sessionCookieOptions.AuthenticationType);
options.LoginPath = new PathString(sessionCookieOptions.LoginPath);
options.LogoutPath = new PathString(sessionCookieOptions.LogoutPath);
}));
}