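/// <summary>
/// Called at startup to register services with the container: bound application
/// configuration, CORS, cookie policy, cookie + OpenID Connect authentication, HTTP helpers,
/// authorization, Razor Pages, server-side Blazor and a "self" health check.
/// For more information on how to configure your application, visit
/// https://go.microsoft.com/fwlink/?LinkID=398940
/// </summary>
/// <param name="builder">Application builder whose Services and Configuration are used.</param>
/// <exception cref="System.InvalidOperationException">
/// Thrown when <c>AppConfiguration</c> cannot be bound from the application configuration.
/// </exception>
public static void ConfigureServices(WebApplicationBuilder builder)
{
    var services = builder.Services;
    var configuration = builder.Configuration;

    services.Configure<AppConfiguration>(configuration);

    // Fail at startup with a clear message instead of a NullReferenceException later,
    // when the OpenID Connect options lambda first dereferences the configuration.
    AppConfiguration config = configuration.Get<AppConfiguration>()
        ?? throw new System.InvalidOperationException(
            "AppConfiguration could not be bound from the application configuration.");

    // ShowPII is a process-wide static switch, not an OpenID Connect option. When on,
    // IdentityModel exception and log messages include token and claim details, so it is
    // enabled only for the Development environment and set here rather than inside the
    // lazily executed scheme-options callback.
    if (string.Equals(
            builder.Environment.EnvironmentName,
            "Development",
            System.StringComparison.OrdinalIgnoreCase))
    {
        IdentityModelEventSource.ShowPII = true;
    }

    // SECURITY: the default CORS policy accepts every origin, header and method. Wherever
    // the policy is applied (not visible here), any site can read the responses of its
    // non-credentialed cross-origin requests. AllowCredentials is not set, so cookies are
    // not allowed cross-origin by this policy. Prefer WithOrigins(...) listing known front ends.
    services.AddCors(o => o
        .AddDefaultPolicy(b => b
            .AllowAnyOrigin()
            .AllowAnyHeader()
            .AllowAnyMethod()));

    services.Configure<CookiePolicyOptions>(options =>
    {
        // This lambda determines whether user consent for non-essential cookies is needed for a given request.
        options.CheckConsentNeeded = context => false;
        options.MinimumSameSitePolicy = SameSiteMode.Lax;
    });

    // Add authentication services: the cookie scheme is the default for authenticate,
    // sign-in and challenge; the OpenID Connect scheme is registered as Constants.OpenIdScheme.
    services.AddAuthentication(options =>
    {
        options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    })
    .AddCookie()
    .AddOpenIdConnect(Constants.OpenIdScheme, options =>
    {
        // NOTE(review): discovery is loaded through a custom retriever from config.Authority,
        // while Authority/MetadataAddress below use config.IdentityServer. Presumably these
        // are the internal and the browser-facing address of the same provider; confirm.
        options.ConfigurationManager = new ConfigurationManager<OpenIdConnectConfiguration>(
            config.Authority + config.OpenIdConfigurationEndpoint,
            new InternalOpenIdConnectConfigurationRetriever(config));

        options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.Authority = config.IdentityServer;
        options.MetadataAddress = config.IdentityServer + config.OpenIdConfigurationEndpoint;
        options.UseTokenLifetime = true;

        options.ClientId = config.ClientId;
        // The client secret comes from bound configuration; keep it in a secret store or
        // environment variable, not in a committed settings file.
        options.ClientSecret = config.ClientSecret;

        // SECURITY: allows the authority/metadata address to be plain HTTP. Discovery data
        // and signing keys fetched without TLS can be altered in transit; only acceptable
        // on a trusted internal network. Enable HTTPS metadata for any exposed deployment.
        options.RequireHttpsMetadata = false;
        options.UsePkce = true;

        // Set response type to code
        options.ResponseType = OpenIdConnectResponseType.Code;

        // Configure the scope
        options.Scope.Clear();
        options.Scope.Add("openid");
        options.Scope.Add(config.Scope);

        options.CallbackPath = new PathString("/signin-" + Constants.OpenIdScheme);

        // SECURITY: issuer validation is off, so the token's "iss" value is not compared
        // with the expected provider; only the remaining checks (signature, audience,
        // lifetime) apply. If this exists because the internal and external issuer names
        // differ, set ValidIssuer/ValidIssuers to the expected value(s) rather than
        // disabling the check.
        options.TokenValidationParameters.ValidateIssuer = false;

        // Tokens returned by the provider are kept with the sign-in; with the default
        // AddCookie() setup above they travel inside the authentication cookie.
        options.SaveTokens = true;

        options.Events = new OpenIdConnectEvents
        {
            // handle the logout redirection
            // Redirects straight to Properties.RedirectUri and marks the response as
            // handled, which skips the handler's default redirect to the provider's
            // end-session endpoint. The provider-side session is therefore presumably left
            // active; confirm this is intended.
            // RedirectUri is whatever the sign-out caller placed in AuthenticationProperties:
            // callers must pass only local or allow-listed URLs, never a request-supplied value.
            OnRedirectToIdentityProviderForSignOut = context =>
            {
                context.Response.Redirect(context.Properties.RedirectUri);
                context.HandleResponse();

                return Task.CompletedTask;
            }
        };
    });

    services.AddHttpContextAccessor();
    services.AddHttpClient();
    services.AddAuthorization();

    services.AddRazorPages();
    services.AddServerSideBlazor();
    services.AddSingleton<WeatherForecastService>();

    // Liveness-style check that always reports healthy; it does not probe dependencies.
    services.AddHealthChecks().AddCheck("self", () => HealthCheckResult.Healthy());
}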
/// <summary>
/// Creates the retriever and keeps the supplied application configuration for later use.
/// </summary>
/// <param name="config">Application configuration stored in the <c>_config</c> field; it is not validated here.</param>
public InternalOpenIdConnectConfigurationRetriever(AppConfiguration config) => _config = config;