public AuthenticationUrls(IOidcConfiguration configuration, IAuthenticationService authenticationService)
{
_configuration = configuration;
_authenticationService = authenticationService;
}
public EmployerUrls(IEmployerUrlsConfiguration employerUrlsConfiguration, IOidcConfiguration oidcConfiguration)
{
_employerUrlsConfiguration = employerUrlsConfiguration;
_oidcConfiguration = oidcConfiguration;
}
public static IServiceCollection AddDasOidcAuthentication(this IServiceCollection services, IOidcConfiguration oidcConfiguration)
{
JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
services
.AddAuthentication(o =>
{
o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
o.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
o.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
o.DefaultSignOutScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddCookie(o =>
{
o.AccessDeniedPath = "/403.html";
o.Cookie.Name = CookieNames.Authentication;
o.Cookie.SameSite = SameSiteMode.None;
o.Cookie.SecurePolicy = CookieSecurePolicy.Always;
o.ExpireTimeSpan = TimeSpan.FromMinutes(60);
o.SlidingExpiration = true;
})
.AddOpenIdConnect(o =>
{
o.Authority = oidcConfiguration.Authority;
o.ClientId = oidcConfiguration.ClientId;
o.ClientSecret = oidcConfiguration.ClientSecret;
o.MetadataAddress = oidcConfiguration.MetadataAddress;
o.ResponseType = "code";
o.ClaimActions.MapUniqueJsonKey("sub", "id");
o.Events.OnRemoteFailure = c =>
{
if (c.Failure.Message.Contains("Correlation failed"))
{
// TODO: Logging
c.Response.Redirect("/"); // TODO: Confirm correlation failure behaviour
c.HandleResponse();
}
return(Task.CompletedTask);
};
});
return(services);
}
public OidcConfigurationFactory(IOidcConfiguration config)
{
_config = config;
}
public IdentityServerConfigurationFactory(IOidcConfiguration configuration)
{
_configuration = configuration;
}
