Esempio n. 1
0
        protected override void PostConfigure(string schemeName, OpenIdConnectOptions options)
        {
            options.SignInScheme ??= AuthOptions.DefaultSignInScheme ?? AuthOptions.DefaultScheme;

            var go = new OpenIdConnectPostConfigureOptions(_dataProtectionProvider);

            go.PostConfigure(schemeName, options);
        }
Esempio n. 2
0
        public IActionResult AddOpenIdConnect()
        {
            _schemeProvider.AddScheme(new AuthenticationScheme("oidc", "OpenID Connect", typeof(OpenIdConnectHandler)));
            var options = new OpenIdConnectOptions
            {
                MetadataAddress = "https://XXX/.well-known/openid-configuration",
                ClientId        = "XXX",
                ClientSecret    = "XXX",
                CallbackPath    = "/signin-oidc",
            };

            _openIdConnectPostConfigureOptions.PostConfigure("oidc", options);
            _openIdConnectOptionsCache.TryAdd("oidc", options);
            return(Redirect("/"));
        }
Esempio n. 3
0
        public async Task AddOrUpdate(string tenantId)
        {
            var scheme          = $"{tenantId}-scheme";
            var oidOptions      = new OpenIdConnectOptions();
            var samlOptions     = new Saml2pAuthenticationOptions();
            var saml2SpOptions  = new SpOptions();
            var saml2IdpOptions = new IdpOptions();
            var tenant          = _repo.GetAllTenants().FirstOrDefault(x => x.TenantId.Equals(tenantId));
            var oidcProtocol    = tenant.Protocol.Equals("oidc");

            if (tenant != null && oidcProtocol)
            {
                var oidConfig = _repo.GetOpenIdConfig(tenantId);
                oidOptions = BuildOidOptions(oidConfig);
            }
            else
            {
                var samlConfig = _repo.GetSamlConfig(tenantId);
                saml2SpOptions = new SpOptions()
                {
                    EntityId                   = "https://localhost:44374/saml",
                    SigningCertificate         = new X509Certificate2("testclient.pfx", "test"),
                    MetadataPath               = "/saml/metadata",
                    SignAuthenticationRequests = true
                };
                saml2IdpOptions = new IdpOptions()
                {
                    EntityId             = samlConfig.IdpEntityId,
                    SingleSignOnEndpoint = new SamlEndpoint(samlConfig.SingleSignOnEndpoint, SamlBindingTypes.HttpPost),
                    SingleLogoutEndpoint = new SamlEndpoint(samlConfig.SingleLogoutEndpoint, SamlBindingTypes.HttpPost),
                    SigningCertificate   = new X509Certificate2(samlConfig.IdpSigningCertificate), //file name
                };

                samlOptions = BuildSamlOptions(samlConfig, saml2SpOptions, saml2IdpOptions);
            }

            if (await _schemeProvider.GetSchemeAsync(scheme) == null)

            {
                _schemeProvider.AddScheme(new AuthenticationScheme(scheme, scheme, oidcProtocol ? typeof(OpenIdConnectHandler) : typeof(Saml2pAuthenticationHandler)));
            }
            else
            {
                if (oidcProtocol)
                {
                    _openIdOptions.TryRemove(scheme);
                }
                else
                {
                    _saml2pOptions.TryRemove(scheme);
                }
            }
            if (oidcProtocol)
            {
                _oidPostConfOptions.PostConfigure(scheme, oidOptions);
                _openIdOptions.TryAdd(scheme, oidOptions);
            }
            else
            {
                _saml2pOptions.TryAdd(scheme, samlOptions);
            }
        }