/// <summary>
/// Adds authorization policies for all scopes discovered provided by <see cref="ScopeAuthorizeAttribute.GetAllScopes"/>.
/// </summary>
public static void AddScopePolicies(this AuthorizationOptions options)
{
foreach (string scope in ScopeAuthorizeAttribute.GetAllScopes())
{
options.AddPolicy(scope, ScopePolicy.Create(scope));
}
}
public static IServiceCollection AddSecurity(this IServiceCollection services, IConfiguration configuration)
{
var identityOptions = configuration.Get <IdentityServerAuthenticationOptions>();
if (string.IsNullOrEmpty(identityOptions?.Authority))
{
return(services);
}
services.AddAuthentication(IdentityServerAuthenticationDefaults.AuthenticationScheme)
.AddIdentityServerAuthentication(configuration.Bind);
services.AddAuthorization(IdentityServerAuthenticationDefaults.AuthenticationScheme);
services.ConfigureSwaggerGen(options =>
{
options.AddSecurityDefinition("oauth2", new OAuth2Scheme
{
Type = "oauth2",
Flow = "implicit",
AuthorizationUrl = $"{identityOptions.Authority}/connect/authorize",
Scopes = ScopeAuthorizeAttribute.GetAllScopes().ToDictionary(x => x, x => "")
});
options.AddSecurityRequirement(new Dictionary <string, IEnumerable <string> >
{
["oauth2-implicit"] = new string[0]
});
});
return(services);
}
