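/// <summary>
/// Registers cookie + OpenID Connect authentication and authorization on the
/// naos service collection, using the settings bound from <paramref name="section"/>.
/// </summary>
/// <param name="naosOptions">The naos services context options; must not be null.</param>
/// <param name="options">Optional callback invoked with a fresh <c>AuthenticationHandlerOptions</c>.</param>
/// <param name="section">Configuration section bound to <c>OidcConfiguration</c>.</param>
/// <returns>The same <paramref name="naosOptions"/> instance, for chaining.</returns>
/// <exception cref="InvalidOperationException">
/// Thrown when the OpenID Connect options are built and the configuration section
/// could not be bound (missing or empty).
/// </exception>
public static NaosServicesContextOptions AddOidcAuthentication(
    this NaosServicesContextOptions naosOptions,
    Action<AuthenticationHandlerOptions> options = null,
    string section = "naos:authentication:oidc")
{
    EnsureArg.IsNotNull(naosOptions, nameof(naosOptions));

    var configuration = naosOptions.Context.Configuration.GetSection(section).Get<OidcConfiguration>();

    // NOTE(review): the callback is invoked, but nothing below reads handlerOptions,
    // so values set by the caller currently have no effect on the OIDC handler.
    var handlerOptions = new AuthenticationHandlerOptions();
    options?.Invoke(handlerOptions);

    naosOptions.Context.Services
        .AddAuthentication(auth =>
        {
            // Sessions are kept in the cookie scheme; unauthenticated requests are challenged via OIDC.
            auth.DefaultScheme = AuthenticationKeys.CookiesScheme;
            auth.DefaultChallengeScheme = AuthenticationKeys.OidcScheme;
        })
        .AddCookie()
        .AddOpenIdConnect(oidc =>
        {
            // Binding a missing section yields null; report that clearly instead of
            // failing with a NullReferenceException on the first property access.
            if (configuration == null)
            {
                throw new InvalidOperationException(
                    $"naos oidc authentication: configuration section '{section}' is missing or empty");
            }

            string authority = configuration.Authority;

            oidc.Authority = authority;
            oidc.ClientId = configuration.ClientId;
            oidc.ClientSecret = configuration.ClientSecret; // supplied by configuration, never hard-coded here
            oidc.ResponseType = IdentityModel.Protocols.OpenIdConnect.OpenIdConnectResponseType.Code; // fixed to the code flow, not read from configuration

            // Previously hard-coded to false ("dev only"), which relaxed the HTTPS
            // requirement for metadata retrieval in every environment. HTTPS is now
            // required unless the configured authority itself is plain http://
            // (local development), so existing http dev setups keep working.
            oidc.RequireHttpsMetadata = authority == null
                || !authority.StartsWith("http://", StringComparison.OrdinalIgnoreCase);

            oidc.GetClaimsFromUserInfoEndpoint = true;
            oidc.SaveTokens = true; // tokens are stored with the authentication session

            oidc.Scope.Add("openid");
            oidc.Scope.Add("profile");
            oidc.Scope.Add("email");
            oidc.Scope.Add("claims");

            oidc.TokenValidationParameters = new IdentityModel.Tokens.TokenValidationParameters
            {
                NameClaimType = "name",
                RoleClaimType = "groups", // roles are taken from the "groups" claim
                ValidateIssuer = true
            };
        });

    naosOptions.Context.Services.AddAuthorization();

    naosOptions.Context.Messages.Add($"naos services builder: authentication added (type={AspNetCore.Authentication.OpenIdConnect.OpenIdConnectDefaults.AuthenticationScheme})");
    naosOptions.Context.Services.AddSingleton(new NaosFeatureInformation
    {
        Name = "Authentication",
        Description = AspNetCore.Authentication.OpenIdConnect.OpenIdConnectDefaults.AuthenticationScheme,
        EchoRoute = "naos/authentication/echo"
    });

    return naosOptions;
}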
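/// <summary>
/// Registers EasyAuth authentication, authorization and an EasyAuth-aware
/// <c>IPolicyEvaluator</c> on the naos service collection.
/// </summary>
/// <param name="naosOptions">The naos services context options; must not be null.</param>
/// <param name="options">Optional callback that configures the <c>AuthenticationHandlerOptions</c>.</param>
/// <param name="section">Configuration section bound to <c>EasyAuthConfiguration</c>.</param>
/// <returns>The same <paramref name="naosOptions"/> instance, for chaining.</returns>
public static NaosServicesContextOptions AddEasyAuthentication(
    this NaosServicesContextOptions naosOptions,
    Action<AuthenticationHandlerOptions> options = null,
    string section = "naos:authentication:easyauth")
{
    EnsureArg.IsNotNull(naosOptions, nameof(naosOptions));

    // May be null when the section is absent from configuration.
    var configuration = naosOptions.Context.Configuration.GetSection(section).Get<EasyAuthConfiguration>();

    // Apply the caller's callback to a local instance so its Provider can be read below.
    var handlerOptions = new AuthenticationHandlerOptions();
    options?.Invoke(handlerOptions);

    naosOptions.Context.Services
        .AddAuthorization()
        .AddScoped<IPolicyEvaluator>(sp => new EasyAuthPolicyEvaluator(
            sp.GetRequiredService<IAuthorizationService>(),
            // Provider precedence: callback value, then configuration, then the
            // Azure Active Directory default. The null-conditional keeps the
            // fallback working when the configuration section is missing, where
            // the original dereferenced a null configuration.
            handlerOptions.Provider.EmptyToNull()
                ?? configuration?.Provider.EmptyToNull()
                ?? EasyAuthProviders.AzureActiveDirectory))
        .AddAuthentication(AuthenticationKeys.EasyAuthScheme)
        .AddEasyAuth(options); // the raw callback (possibly null) is handed to the handler registration

    naosOptions.Context.Messages.Add($"naos services builder: authentication added (type={AuthenticationKeys.EasyAuthScheme})");
    naosOptions.Context.Services.AddSingleton(new NaosFeatureInformation
    {
        Name = "Authentication",
        Description = "EasyAuth",
        EchoRoute = "naos/authentication/echo"
    });

    return naosOptions;
}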