/// <summary>
/// Lists the clients that may request access to resources (aka scopes).
/// Currently yields a single entry: the browser-based web client application.
/// </summary>
/// <returns>A lazily evaluated sequence holding the web client's configuration.</returns>
public IEnumerable<Client> UserClients()
{
    // The web client's origin comes from the resolver, without a trailing slash,
    // so that paths can be appended with a single '/'.
    var webClientOrigin = _clientResolver.Resolve().WithoutTrailingSlash();

    // The lifetime is configured in days, falling back to the default when no config is bound.
    var lifetimeInDays = _config?.WebClientAccessTokenLifetimeInDays
        ?? ClientApplicationsOptions.DefaultAccessTokenLifetimeInDays;

    // NOTE(review): with the implicit grant and AllowAccessTokensViaBrowser the access token
    // is handed to the browser directly, and its lifetime here is counted in days, so a
    // leaked token stays usable for that long. Authorization code + PKCE with a shorter
    // lifetime is the usual hardening for browser clients - confirm whether that is planned.
    var webClient = new Client
    {
        ClientId = Constants.WebClientName,
        AllowedGrantTypes = GrantTypes.Implicit,
        AllowAccessTokensViaBrowser = true,
        RequireConsent = false,
        AccessTokenLifetime = 60 * 60 * 24 * lifetimeInDays,
        AlwaysIncludeUserClaimsInIdToken = true,
    };

    // Only these exact callback URLs are registered as redirect targets.
    webClient.RedirectUris.Add($"{webClientOrigin}/sign-in-callback");
    webClient.RedirectUris.Add($"{webClientOrigin}/assets/silent-refresh-callback.html");
    webClient.PostLogoutRedirectUris.Add($"{webClientOrigin}/welcome");

    // CORS is limited to the web client's own origin.
    webClient.AllowedCorsOrigins.Add(webClientOrigin);

    webClient.AllowedScopes.Add(IdentityServerConstants.StandardScopes.OpenId);
    webClient.AllowedScopes.Add(IdentityServerConstants.StandardScopes.Profile);
    webClient.AllowedScopes.Add(IdentityServerConstants.StandardScopes.Email);
    webClient.AllowedScopes.Add(Constants.ApiResourceName);

    yield return webClient;
}
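/// <summary>
/// Chooses where to send the user after a successful sign-in.
/// </summary>
/// <param name="returnUrl">
/// The URL the sign-in flow asked to return to; may be null. It is treated as untrusted
/// and is only followed when it is local to this application.
/// </param>
/// <returns>
/// A local redirect to <paramref name="returnUrl"/> when it is a local URL, otherwise a
/// redirect to the root of the web app.
/// </returns>
private IActionResult OnSignIn(string returnUrl)
{
    // LocalRedirect rejects non-local (and empty) URLs with an exception, which would
    // surface as a server error. Checking with Url.IsLocalUrl first lets any value that
    // is not a local path fall back to the web app root instead.
    if (returnUrl != null && Url.IsLocalUrl(returnUrl))
    {
        // This url most likely came from identity server
        return LocalRedirect(returnUrl);
    }

    // Redirect to the root of the web app
    var webAppUrl = _resolver.Resolve();
    return Redirect(webAppUrl);
}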
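/// <summary>
/// Chooses where to send the user after a successful sign-in.
/// </summary>
/// <param name="returnUrl">
/// The URL the sign-in flow asked to return to; may be null. It is treated as untrusted.
/// </param>
/// <returns>
/// A local redirect when <paramref name="returnUrl"/> is local to this application, a
/// redirect to <paramref name="returnUrl"/> when it points into the client web app, and
/// otherwise a redirect to the root of the client web app.
/// </returns>
private IActionResult OnSignIn(string returnUrl)
{
    if (returnUrl != null && Url.IsLocalUrl(returnUrl))
    {
        // This url most likely came from identity server
        return LocalRedirect(returnUrl);
    }

    var webAppUrl = _resolver.Resolve();
    if (IsInsideWebApp(returnUrl, webAppUrl))
    {
        // The returnUrl takes the user to the client app
        return Redirect(returnUrl);
    }

    // The returnUrl was missing or not recognized: go to the root of the web app
    return Redirect(webAppUrl);
}

/// <summary>
/// Tells whether <paramref name="returnUrl"/> is an absolute URL on the same scheme, host
/// and port as <paramref name="webAppUrl"/> and at or below its path.
/// </summary>
/// <remarks>
/// A plain string prefix test is not enough for a redirect allow-list: a URL on a different
/// host can share the same leading characters as the web app URL. Comparing the parsed
/// components closes that gap.
/// </remarks>
private static bool IsInsideWebApp(string returnUrl, string webAppUrl)
{
    System.Uri target;
    System.Uri webApp;

    // TryCreate returns false for null, relative or malformed values.
    if (!System.Uri.TryCreate(returnUrl, System.UriKind.Absolute, out target) ||
        !System.Uri.TryCreate(webAppUrl, System.UriKind.Absolute, out webApp))
    {
        return false;
    }

    // Scheme, host and port must be equal as a whole, not just share a prefix.
    var sameOrigin = System.Uri.Compare(
        target,
        webApp,
        System.UriComponents.SchemeAndServer,
        System.UriFormat.Unescaped,
        System.StringComparison.OrdinalIgnoreCase) == 0;
    if (!sameOrigin)
    {
        return false;
    }

    // Keep the original intent that the target lies under the web app's base path,
    // matching on whole path segments.
    var basePath = webApp.AbsolutePath.TrimEnd('/');
    var targetPath = target.AbsolutePath;
    return basePath.Length == 0
        || string.Equals(targetPath, basePath, System.StringComparison.Ordinal)
        || targetPath.StartsWith(basePath + "/", System.StringComparison.Ordinal);
}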
/// <summary>
/// Lists the clients that may request access to resources (aka scopes).
/// Currently yields a single entry: the browser-based web client application.
/// </summary>
/// <returns>A lazily evaluated sequence holding the web client's configuration.</returns>
private IEnumerable<Client> GetClients()
{
    // The web client's origin comes from the resolver, without a trailing slash,
    // so that paths can be appended with a single '/'.
    var webClientOrigin = _clientResolver.Resolve().WithoutTrailingSlash();

    // The lifetime is configured in days, falling back to the default when no config is bound.
    var lifetimeInDays = _config?.WebClientAccessTokenLifetimeInDays
        ?? ClientApplicationsOptions.DEFAULT_ACCESS_TOKEN_LIFETIME_IN_DAYS;

    // NOTE(review): with the implicit grant and AllowAccessTokensViaBrowser the access token
    // is handed to the browser directly, and its lifetime here is counted in days, so a
    // leaked token stays usable for that long. The commented-out mobile client below already
    // points at authorization code + PKCE; confirm whether the web client should follow.
    var webClient = new Client
    {
        ClientId = "WebClient",
        AllowedGrantTypes = GrantTypes.Implicit,
        AllowAccessTokensViaBrowser = true,
        RequireConsent = false,
        AccessTokenLifetime = 60 * 60 * 24 * lifetimeInDays,
        AlwaysIncludeUserClaimsInIdToken = true,
    };

    // Only these exact callback URLs are registered as redirect targets.
    webClient.RedirectUris.Add($"{webClientOrigin}/sign-in-callback");
    webClient.RedirectUris.Add($"{webClientOrigin}/assets/silent-refresh-callback.html");
    webClient.PostLogoutRedirectUris.Add($"{webClientOrigin}/welcome");

    // CORS is limited to the web client's own origin.
    webClient.AllowedCorsOrigins.Add(webClientOrigin);

    webClient.AllowedScopes.Add(IdentityServerConstants.StandardScopes.OpenId);
    webClient.AllowedScopes.Add(IdentityServerConstants.StandardScopes.Profile);
    webClient.AllowedScopes.Add(IdentityServerConstants.StandardScopes.Email);
    webClient.AllowedScopes.Add(Constants.ApiResourceName);

    yield return webClient;

    // TODO: Mobile Client App
    //yield return new Client {
    //    ClientId = "MobileClient",
    //    AllowedGrantTypes = GrantTypes.Code,
    //    RequirePkce = true,
    //};
}
/// <summary>
/// Decides whether a cross-origin request from <paramref name="origin"/> is allowed.
/// Only the web client's own origin is accepted.
/// </summary>
/// <param name="origin">The origin to check.</param>
/// <returns>
/// A completed task whose result is true only when <paramref name="origin"/> equals the
/// resolved web client origin (trailing slash removed) exactly.
/// </returns>
public Task<bool> IsOriginAllowedAsync(string origin)
{
    var allowedOrigin = _resolver.Resolve().WithoutTrailingSlash();

    // Exact, case-sensitive equality: no prefix or wildcard matching is applied.
    var isAllowed = origin == allowedOrigin;
    return Task.FromResult(isAllowed);
}