public static void AddIdentityServerClientServices(this IServiceCollection services, IConfiguration configuration)
{
var identityServerClientOptions = IdentityServerClientOptions.Bind(configuration);
services.AddSingleton(identityServerClientOptions);
services.AddAuthentication(options =>
{
options.DefaultScheme = "Cookies";
options.DefaultChallengeScheme = "oidc";
})
.AddCookie("Cookies")
.AddOpenIdConnect("oidc", options =>
{
options.SignInScheme = "Cookies";
options.Authority = identityServerClientOptions.IdentityServerUrl;
options.RequireHttpsMetadata = false;
options.ClientId = identityServerClientOptions.ClientId;
options.ClientSecret = identityServerClientOptions.Secret;
options.ResponseType = "code id_token";
options.SaveTokens = true;
options.GetClaimsFromUserInfoEndpoint = true;
options.Scope.Add("offline_access");
options.Scope.Add("email");
});
}
public static IdentityServerClientOptions Bind(IConfiguration configuration)
{
var result = new IdentityServerClientOptions();
var section = configuration.GetSection("IdentityServerClient");
if (!section.Exists())
{
throw new Exception("IdentityServerClient options don't exist.");
}
section.Bind(result);
if (string.IsNullOrEmpty(result.IdentityServerUrl))
{
throw new Exception("IdentityServerClient.IdentityServerUrl wasn't provided.");
}
if (string.IsNullOrEmpty(result.ClientId))
{
throw new Exception("IdentityServerClient.ClientId wasn't provided.");
}
if (string.IsNullOrEmpty(result.Secret))
{
throw new Exception("IdentityServerClient.Secret wasn't provided.");
}
return(result);
}
