public static IEnumerable <Client> Get() { //var redirectUri = "http://localhost:5002"; var redirectUri = "https://fletnix.azurewebsites.net"; return(new List <Client> { new Client { ClientId = "fletnix", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, ClientName = "Fletnix totally not a copy of netflix...", AllowedGrantTypes = GrantTypes.List( GrantType.Implicit, GrantType.ClientCredentials), RequireConsent = false, AllowAccessTokensViaBrowser = true, AllowedScopes = new List <string> { IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.Profile, IdentityServerConstants.StandardScopes.Email, "role" }, RedirectUris = new List <string> { redirectUri + "/signin-oidc" }, PostLogoutRedirectUris = new List <string> { redirectUri } } }); }
//Clientes, quem pode se conectar ao Identity Server, nesse caso, o app do Ionic public static IEnumerable <Client> GetClients() { return(new List <Client> { new Client { ClientId = "jarbasApp", ClientSecrets = { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.List(new [] { GrantType.ResourceOwnerPassword, "googleAuth" }), AllowedScopes = { "jarbasApi", "offline_access" }, AllowOfflineAccess = true, RefreshTokenUsage = TokenUsage.ReUse, RefreshTokenExpiration = TokenExpiration.Sliding, SlidingRefreshTokenLifetime = 60 * 60 * 24 * 7, AccessTokenLifetime = 60 * 60 * 24 * 1, AllowedCorsOrigins = { "http://localhost:8100" } }, new Client { ClientId = "script", ClientSecrets = { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ClientCredentials, AllowedScopes = { "jarbasApi" }, AccessTokenLifetime = 60 * 60 * 24 * 1, AllowedCorsOrigins = { "http://localhost:80" } } }); }
public void duplicate_values_should_throw() { var client = new Client(); Action act = () => client.AllowedGrantTypes = GrantTypes.List("custom1", "custom2", "custom1"); act.ShouldThrow <InvalidOperationException>(); }
public void empty_grant_type_list_should_throw_single() { var client = new Client(); Action act = () => client.AllowedGrantTypes = GrantTypes.List(); act.ShouldThrow <InvalidOperationException>(); }
public void grant_type_with_space_should_throw_single() { var client = new Client(); Action act = () => client.AllowedGrantTypes = GrantTypes.List("custo m2"); act.ShouldThrow <InvalidOperationException>(); }
public void custom_and_forbidden_grant_type_combinations_should_throw(string type1, string type2) { var client = new Client(); Action act = () => client.AllowedGrantTypes = GrantTypes.List("custom1", type2, "custom2", type1); act.ShouldThrow <InvalidOperationException>(); }
// Clients want to access resources. public static IEnumerable <Client> GetClients(int accessTokenLifetime, int refreshTokenLifetime) { // Clients credentials. return(new List <Client> { // Local authentication client new Client { ClientId = "coraltimeapp", AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, // Resource Owner Password Credential grant. AllowAccessTokensViaBrowser = true, //AlwaysIncludeUserClaimsInIdToken = true, // Include claims in token RequireClientSecret = false, // This client does not need a secret to request tokens from the token endpoint. AccessTokenLifetime = accessTokenLifetime, AbsoluteRefreshTokenLifetime = refreshTokenLifetime, RefreshTokenExpiration = TokenExpiration.Absolute, RefreshTokenUsage = TokenUsage.OneTimeOnly, AllowedScopes = { IdentityServerConstants.StandardScopes.OpenId, // For UserInfo endpoint. IdentityServerConstants.StandardScopes.Profile, "roles", "WebAPI" }, AllowOfflineAccess = true, // For refresh token. }, // Authentication client for Azure AD new Client { ClientId = "coraltimeazure", RequireClientSecret = false, // This client does not need a secret to request tokens from the token endpoint. //ClientSecrets = //{ // new Secret("secret".Sha256()) //}, AllowedGrantTypes = GrantTypes.List("azureAuth"), AllowedScopes = { IdentityServerConstants.StandardScopes.OpenId, // For UserInfo endpoint. IdentityServerConstants.StandardScopes.Profile, "roles", "WebAPI" }, AccessTokenLifetime = accessTokenLifetime, AbsoluteRefreshTokenLifetime = refreshTokenLifetime, RefreshTokenExpiration = TokenExpiration.Absolute, RefreshTokenUsage = TokenUsage.OneTimeOnly, AllowOfflineAccess = true } }); }
public static IEnumerable <Client> GetClients() { return(new List <Client> { new Client { ClientId = "google", ClientSecrets = { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.List("googleAuth"), AllowedScopes = { "offline_access", "api1" } }, new Client { ClientId = "resourceOwner", ClientSecrets = { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowedScopes = { "offline_access", "api1" } } }); }
public static IEnumerable <Client> Get() { return(new List <Client> { /////////////////////////////////////////// // Console Client Credentials Flow Sample ////////////////////////////////////////// new Client { ClientId = "client", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ClientCredentials, AllowedScopes = new List <string> { "api1", "api2" } }, /////////////////////////////////////////// // Console Resource Owner Flow Sample ////////////////////////////////////////// new Client { ClientId = "roclient", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowedScopes = new List <string> { StandardScopes.OpenId.Name, StandardScopes.Email.Name, StandardScopes.OfflineAccess.Name, StandardScopes.Address.Name, "api1", "api2" } }, ///////////////////////////////////////// // Console Custom Grant Flow Sample //////////////////////////////////////// new Client { ClientId = "client.custom", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.List("custom"), AllowedScopes = new List <string> { "api1", "api2" } }, /////////////////////////////////////////// // Introspection Client Sample ////////////////////////////////////////// new Client { ClientId = "roclient.reference", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowedScopes = new List <string> { "api1", "api2" }, AccessTokenType = AccessTokenType.Reference }, }); }
public static IEnumerable <Client> Get() { return(new List <Client> { /////////////////////////////////////////// // Console Client Credentials Flow Sample ////////////////////////////////////////// new Client { ClientId = "client", ClientSecrets = { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ClientCredentials, AllowedScopes = { "api1", "api2" } }, new Client { ClientId = "client.identityscopes", ClientSecrets = { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ClientCredentials, AllowedScopes = { "openid", "profile", "api1", "api2" } }, new Client { ClientId = "client.no_default_scopes", ClientSecrets = { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ClientCredentials, AllowAccessToAllScopes = true }, /////////////////////////////////////////// // Console Resource Owner Flow Sample ////////////////////////////////////////// new Client { ClientId = "roclient", ClientSecrets = { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowOfflineAccess = true, AllowedScopes = { IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.Email, IdentityServerConstants.StandardScopes.Address, "roles", "api1", "api2", "api4.with.roles" } }, ///////////////////////////////////////// // Console Custom Grant Flow Sample //////////////////////////////////////// new Client { ClientId = "client.custom", ClientSecrets = { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.List("custom"), AllowedScopes = { "api1", "api2" } }, /////////////////////////////////////////// // Introspection Client Sample ////////////////////////////////////////// new Client { ClientId = "roclient.reference", ClientSecrets = { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowOfflineAccess = true, AllowedScopes = { "api1", "api2" }, AccessTokenType = AccessTokenType.Reference }, new Client { ClientName = "Client with Base64 encoded X509 Certificate", ClientId = "certificate_base64_valid", Enabled = true, ClientSecrets = { new Secret { Type = IdentityServerConstants.SecretTypes.X509CertificateBase64, Value = Convert.ToBase64String(TestCert.Load().Export(X509ContentType.Cert)) } }, AllowedGrantTypes = GrantTypes.ClientCredentials, AllowedScopes = new List <string> { "api1", "api2" }, }, }); }
public static IEnumerable <Client> Get() { return(new List <Client> { /////////////////////////////////////////// // Console Client Credentials Flow Sample ////////////////////////////////////////// new Client { ClientId = "client", ClientSecrets = { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ClientCredentials, AllowedScopes = { "api1", "api2.read_only" }, }, /////////////////////////////////////////// // Console Client Credentials Flow with client JWT assertion ////////////////////////////////////////// new Client { ClientId = "client.jwt", ClientSecrets = { new Secret { Type = IdentityServerConstants.SecretTypes.X509CertificateBase64, Value = "MIIDATCCAe2gAwIBAgIQoHUYAquk9rBJcq8W+F0FAzAJBgUrDgMCHQUAMBIxEDAOBgNVBAMTB0RldlJvb3QwHhcNMTAwMTIwMjMwMDAwWhcNMjAwMTIwMjMwMDAwWjARMQ8wDQYDVQQDEwZDbGllbnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSaY4x1eXqjHF1iXQcF3pbFrIbmNw19w/IdOQxbavmuPbhY7jX0IORu/GQiHjmhqWt8F4G7KGLhXLC1j7rXdDmxXRyVJBZBTEaSYukuX7zGeUXscdpgODLQVay/0hUGz54aDZPAhtBHaYbog+yH10sCXgV1Mxtzx3dGelA6pPwiAmXwFxjJ1HGsS/hdbt+vgXhdlzud3ZSfyI/TJAnFeKxsmbJUyqMfoBl1zFKG4MOvgHhBjekp+r8gYNGknMYu9JDFr1ue0wylaw9UwG8ZXAkYmYbn2wN/CpJl3gJgX42/9g87uLvtVAmz5L+rZQTlS1ibv54ScR2lcRpGQiQav/LAgMBAAGjXDBaMBMGA1UdJQQMMAoGCCsGAQUFBwMCMEMGA1UdAQQ8MDqAENIWANpX5DZ3bX3WvoDfy0GhFDASMRAwDgYDVQQDEwdEZXZSb290ghAsWTt7E82DjU1E1p427Qj2MAkGBSsOAwIdBQADggEBADLje0qbqGVPaZHINLn+WSM2czZk0b5NG80btp7arjgDYoWBIe2TSOkkApTRhLPfmZTsaiI3Ro/64q+Dk3z3Kt7w+grHqu5nYhsn7xQFAQUf3y2KcJnRdIEk0jrLM4vgIzYdXsoC6YO+9QnlkNqcN36Y8IpSVSTda6gRKvGXiAhu42e2Qey/WNMFOL+YzMXGt/nDHL/qRKsuXBOarIb++43DV3YnxGTx22llhOnPpuZ9/gnNY7KLjODaiEciKhaKqt/b57mTEz4jTF4kIg6BP03MUfDXeVlM1Qf1jB43G2QQ19n5lUiqTpmQkcfLfyci2uBZ8BkOhXr3Vk9HIk/xBXQ=" } }, AllowedGrantTypes = GrantTypes.ClientCredentials, AllowedScopes = { "api1", "api2.read_only" } }, /////////////////////////////////////////// // Custom Grant Sample ////////////////////////////////////////// new Client { ClientId = "client.custom", ClientSecrets = { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.List("custom"), AllowedScopes = { "api1", "api2.read_only" } }, /////////////////////////////////////////// // Console Resource Owner Flow Sample ////////////////////////////////////////// new Client { ClientId = "roclient", ClientSecrets = { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowOfflineAccess = true, AllowedScopes = { IdentityServerConstants.StandardScopes.OpenId, "custom.profile", "api1", "api2.read_only" } }, /////////////////////////////////////////// // Console Public Resource Owner Flow Sample ////////////////////////////////////////// new Client { ClientId = "roclient.public", RequireClientSecret = false, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowOfflineAccess = true, AllowedScopes = { IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.Email, "api1", "api2.read_only" } }, /////////////////////////////////////////// // Console Hybrid with PKCE Sample ////////////////////////////////////////// new Client { ClientId = "console.hybrid.pkce", ClientName = "Console Hybrid with PKCE Sample", RequireClientSecret = false, AllowedGrantTypes = GrantTypes.Hybrid, RequirePkce = true, RedirectUris = { "http://127.0.0.1:7890/" }, AllowOfflineAccess = true, AllowedScopes = { IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.Profile, IdentityServerConstants.StandardScopes.Email, "api1", "api2.read_only", }, }, /////////////////////////////////////////// // Introspection Client Sample ////////////////////////////////////////// new Client { ClientId = "roclient.reference", ClientSecrets = { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowedScopes = { "api1", "api2.read_only" }, AccessTokenType = AccessTokenType.Reference }, /////////////////////////////////////////// // MVC Implicit Flow Samples ////////////////////////////////////////// new Client { ClientId = "mvc.implicit", ClientName = "MVC Implicit", ClientUri = "http://identityserver.io", AllowedGrantTypes = GrantTypes.Implicit, AllowAccessTokensViaBrowser = true, RedirectUris = { "http://localhost:44077/signin-oidc" }, LogoutUri = "http://localhost:44077/signout-oidc", PostLogoutRedirectUris = { "http://localhost:44077/signout-callback-oidc" }, AllowedScopes = { IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.Profile, IdentityServerConstants.StandardScopes.Email, "api1", "api2.read_only" }, }, /////////////////////////////////////////// // MVC Manual Implicit Flow Sample ////////////////////////////////////////// new Client { ClientId = "mvc.manual", ClientName = "MVC Manual", ClientUri = "http://identityserver.io", AllowedGrantTypes = GrantTypes.Implicit, RedirectUris = { "http://localhost:44077/home/callback" }, LogoutUri = "http://localhost:44077/signout-oidc", PostLogoutRedirectUris = { "http://localhost:44077/" }, AllowedScopes = { IdentityServerConstants.StandardScopes.OpenId }, }, /////////////////////////////////////////// // MVC Hybrid Flow Samples ////////////////////////////////////////// new Client { ClientId = "mvc.hybrid", ClientName = "MVC Hybrid", ClientUri = "http://identityserver.io", ClientSecrets = { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.Hybrid, AllowAccessTokensViaBrowser = false, RedirectUris = { "http://localhost:21402/signin-oidc" }, LogoutUri = "http://localhost:21402/signout-oidc", PostLogoutRedirectUris = { "http://localhost:21402/signout-callback-oidc" }, AllowOfflineAccess = true, AllowedScopes = { IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.Profile, IdentityServerConstants.StandardScopes.Email, "api1", "api2.read_only", }, }, /////////////////////////////////////////// // JS OAuth 2.0 Sample ////////////////////////////////////////// new Client { ClientId = "js_oauth", ClientName = "JavaScript OAuth 2.0 Client", ClientUri = "http://identityserver.io", AllowedGrantTypes = GrantTypes.Implicit, AllowAccessTokensViaBrowser = true, RedirectUris = { "http://localhost:28895/index.html" }, AllowedScopes = { "api1", "api2.read_only" }, }, /////////////////////////////////////////// // JS OIDC Sample ////////////////////////////////////////// new Client { ClientId = "js_oidc", ClientName = "JavaScript OIDC Client", ClientUri = "http://identityserver.io", AllowedGrantTypes = GrantTypes.Implicit, AllowAccessTokensViaBrowser = true, RequireClientSecret = false, AccessTokenType = AccessTokenType.Reference, RedirectUris = { "http://localhost:7017/index.html", "http://localhost:7017/callback.html", "http://localhost:7017/silent.html", "http://localhost:7017/popup.html", }, PostLogoutRedirectUris = { "http://localhost:7017/index.html" }, AllowedCorsOrigins = { "http://localhost:7017" }, AllowedScopes = { IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.Profile, IdentityServerConstants.StandardScopes.Email, "api1", "api2.read_only" }, }, }); }
public static IEnumerable <Client> Get() { return(new List <Client> { new Client { ClientName = "Code Client", Enabled = true, ClientId = "codeclient", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.Code, AllowedScopes = { "openid", "profile", "resource", "resource2" }, RequireConsent = false, RedirectUris = new List <string> { "https://server/cb", }, AuthorizationCodeLifetime = 60 }, new Client { ClientName = "Code Client with PKCE", Enabled = true, ClientId = "codeclient.pkce", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.Code, RequirePkce = true, AllowedScopes = { "openid", "profile", "resource", "resource2" }, RequireConsent = false, RedirectUris = new List <string> { "https://server/cb", }, AuthorizationCodeLifetime = 60 }, new Client { ClientName = "Code Client with PKCE and plain allowed", Enabled = true, ClientId = "codeclient.pkce.plain", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.Code, RequirePkce = true, AllowPlainTextPkce = true, AllowedScopes = { "openid", "profile", "resource", "resource2" }, RequireConsent = false, RedirectUris = new List <string> { "https://server/cb", }, AuthorizationCodeLifetime = 60 }, new Client { ClientName = "Hybrid Client", Enabled = true, ClientId = "hybridclient", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.Hybrid, AllowedScopes = { "openid", "profile", "resource", "resource2" }, AllowAccessTokensViaBrowser = true, RequireConsent = false, RedirectUris = new List <string> { "https://server/cb", }, AuthorizationCodeLifetime = 60 }, new Client { ClientName = "Hybrid Client with PKCE", Enabled = true, ClientId = "hybridclient.pkce", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.Hybrid, RequirePkce = true, AllowedScopes = { "openid", "profile", "resource", "resource2" }, AllowAccessTokensViaBrowser = true, RequireConsent = false, RedirectUris = new List <string> { "https://server/cb", }, AuthorizationCodeLifetime = 60 }, new Client { ClientName = "Hybrid Client", Enabled = true, ClientId = "hybridclient_no_aavb", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.Hybrid, AllowedScopes = { "openid", "profile", "resource", "resource2" }, AllowAccessTokensViaBrowser = false, RequireConsent = false, RedirectUris = new List <string> { "https://server/cb", }, AuthorizationCodeLifetime = 60 }, new Client { ClientName = "Implicit Client", ClientId = "implicitclient", AllowedGrantTypes = GrantTypes.Implicit, AllowedScopes = { "openid", "profile", "resource", "resource2" }, AllowAccessTokensViaBrowser = true, RequireConsent = false, RedirectUris = new List <string> { "oob://implicit/cb" }, }, new Client { ClientName = "Implicit Client", ClientId = "implicitclient_no_aavb", AllowedGrantTypes = GrantTypes.Implicit, AllowedScopes = { "openid", "profile", "resource", "resource2" }, AllowAccessTokensViaBrowser = false, RequireConsent = false, RedirectUris = new List <string> { "oob://implicit/cb" }, }, new Client { ClientName = "Implicit and Client Credentials Client", Enabled = true, ClientId = "implicit_and_client_creds_client", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ImplicitAndClientCredentials, AllowedScopes = { "openid", "profile", "resource", "resource2" }, RequireConsent = false, RedirectUris = new List <string> { "oob://implicit/cb" }, }, new Client { ClientName = "Code Client with Scope Restrictions", Enabled = true, ClientId = "codeclient_restricted", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.Code, RequireConsent = false, AllowedScopes = new List <string> { "openid" }, RedirectUris = new List <string> { "https://server/cb", }, }, new Client { ClientName = "Client Credentials Client", Enabled = true, ClientId = "client", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ClientCredentials, AllowedScopes = { "openid", "profile", "resource", "resource2" }, AccessTokenType = AccessTokenType.Jwt }, new Client { ClientName = "Client Credentials Client (restricted)", Enabled = true, ClientId = "client_restricted", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ClientCredentials, AllowedScopes = new List <string> { "resource" }, }, new Client { ClientName = "Resource Owner Client", Enabled = true, ClientId = "roclient", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowedScopes = { "openid", "profile", "resource", "resource2" }, AllowOfflineAccess = true }, new Client { ClientName = "Resource Owner Client - Public", Enabled = true, ClientId = "roclient.public", RequireClientSecret = false, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowedScopes = { "openid", "profile", "resource", "resource2" }, }, new Client { ClientName = "Resource Owner Client", Enabled = true, ClientId = "roclient_absolute_refresh_expiration_one_time_only", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowedScopes = { "openid", "profile", "resource", "resource2" }, RefreshTokenExpiration = TokenExpiration.Absolute, RefreshTokenUsage = TokenUsage.OneTimeOnly, AbsoluteRefreshTokenLifetime = 200 }, new Client { ClientName = "Resource Owner Client", Enabled = true, ClientId = "roclient_absolute_refresh_expiration_reuse", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowedScopes = { "openid", "profile", "resource", "resource2" }, RefreshTokenExpiration = TokenExpiration.Absolute, RefreshTokenUsage = TokenUsage.ReUse, AbsoluteRefreshTokenLifetime = 200 }, new Client { ClientName = "Resource Owner Client", Enabled = true, ClientId = "roclient_sliding_refresh_expiration_one_time_only", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowedScopes = { "openid", "profile", "resource", "resource2" }, RefreshTokenExpiration = TokenExpiration.Sliding, RefreshTokenUsage = TokenUsage.OneTimeOnly, AbsoluteRefreshTokenLifetime = 10, SlidingRefreshTokenLifetime = 4 }, new Client { ClientName = "Resource Owner Client", Enabled = true, ClientId = "roclient_sliding_refresh_expiration_reuse", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowedScopes = { "openid", "profile", "resource", "resource2" }, RefreshTokenExpiration = TokenExpiration.Sliding, RefreshTokenUsage = TokenUsage.ReUse, AbsoluteRefreshTokenLifetime = 200, SlidingRefreshTokenLifetime = 100 }, new Client { ClientName = "Resource Owner Client (restricted)", Enabled = true, ClientId = "roclient_restricted", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowedScopes = new List <string> { "resource" }, }, new Client { ClientName = "Resource Owner Client (restricted with refresh)", Enabled = true, ClientId = "roclient_restricted_refresh", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowOfflineAccess = true, AllowedScopes = new List <string> { "resource", }, }, new Client { ClientName = "Custom Grant Client", Enabled = true, ClientId = "customgrantclient", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.List("custom_grant"), AllowedScopes = { "openid", "profile", "resource", "resource2" }, }, new Client { ClientName = "Disabled Client", Enabled = false, ClientId = "disabled", ClientSecrets = new List <Secret> { new Secret("invalid".Sha256()) }, AllowedGrantTypes = GrantTypes.ClientCredentials, AllowedScopes = { "openid", "profile", "resource", "resource2" }, }, new Client { ClientName = "Reference Token Client", Enabled = true, ClientId = "referencetokenclient", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.Implicit, AllowedScopes = { "openid", "profile", "resource", "resource2" }, AccessTokenType = AccessTokenType.Reference }, new Client { ClientId = "wsfed", ClientName = "WS-Fed Client", ProtocolType = IdentityServerConstants.ProtocolTypes.WsFederation, AllowedGrantTypes = GrantTypes.Implicit, Enabled = true, AllowedScopes = { "openid", "profile", "resource", "resource2" }, RedirectUris = { "http://wsfed/callback" } }, new Client { ClientId = "client.cred.wsfed", ClientName = "WS-Fed Client", ProtocolType = IdentityServerConstants.ProtocolTypes.WsFederation, AllowedGrantTypes = GrantTypes.ClientCredentials, ClientSecrets = { new Secret("secret".Sha256()) }, Enabled = true, AllowedScopes = { "openid", "profile", "resource", "resource2" }, }, new Client { ClientId = "client.implicit", ClientName = "Implicit Client", AllowedGrantTypes = GrantTypes.Implicit, AllowedScopes = { "openid", "profile", "resource", "resource2" }, }, new Client { ClientId = "implicit_and_client_creds", AllowedGrantTypes = GrantTypes.ImplicitAndClientCredentials, AllowedScopes = { "api1" } }, }); }
public static IEnumerable <Client> Get() { return(new List <Client> { /////////////////////////////////////////// // Console Client Credentials Flow Sample ////////////////////////////////////////// new Client { ClientId = "client", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ClientCredentials, AllowedScopes = new List <string> { "api1", "api2" } }, /////////////////////////////////////////// // Custom Grant Sample ////////////////////////////////////////// new Client { ClientId = "client.custom", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.List("custom"), AllowedScopes = new List <string> { "api1", "api2" } }, /////////////////////////////////////////// // Console Resource Owner Flow Sample ////////////////////////////////////////// new Client { ClientId = "roclient", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowedScopes = new List <string> { StandardScopes.OpenId.Name, StandardScopes.Email.Name, StandardScopes.OfflineAccess.Name, "api1", "api2" } }, /////////////////////////////////////////// // Introspection Client Sample ////////////////////////////////////////// new Client { ClientId = "roclient.reference", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowedScopes = new List <string> { "api1", "api2" }, AccessTokenType = AccessTokenType.Reference }, /////////////////////////////////////////// // MVC Implicit Flow Samples ////////////////////////////////////////// new Client { ClientId = "mvc.implicit", ClientName = "MVC Implicit", ClientUri = "http://identityserver.io", AllowedGrantTypes = GrantTypes.Implicit, AllowAccessTokensViaBrowser = true, RedirectUris = new List <string> { "http://localhost:44077/signin-oidc" }, PostLogoutRedirectUris = new List <string> { "http://localhost:44077/" }, LogoutUri = "http://localhost:44077/signout-oidc", AllowedScopes = new List <string> { StandardScopes.OpenId.Name, StandardScopes.Profile.Name, StandardScopes.Email.Name, StandardScopes.Roles.Name, "api1", "api2" }, }, /////////////////////////////////////////// // MVC Hybrid Flow Samples ////////////////////////////////////////// new Client { ClientId = "mvc.hybrid", ClientName = "MVC Hybrid", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, ClientUri = "http://identityserver.io", AllowedGrantTypes = GrantTypes.Hybrid, AllowAccessTokensViaBrowser = false, RedirectUris = new List <string> { "http://localhost:21402/signin-oidc" }, PostLogoutRedirectUris = new List <string> { "http://localhost:21402/" }, LogoutUri = "http://localhost:21402/signout-oidc", AllowedScopes = new List <string> { StandardScopes.OpenId.Name, StandardScopes.Profile.Name, StandardScopes.Email.Name, StandardScopes.Roles.Name, StandardScopes.OfflineAccess.Name, "api1", "api2", }, }, /////////////////////////////////////////// // JS OAuth 2.0 Sample ////////////////////////////////////////// new Client { ClientId = "js_oauth", ClientName = "JavaScript OAuth 2.0 Client", ClientUri = "http://identityserver.io", AllowedGrantTypes = GrantTypes.Implicit, AllowAccessTokensViaBrowser = true, RedirectUris = new List <string> { "http://localhost:28895/index.html" }, AllowedScopes = new List <string> { "api1", "api2" }, }, /////////////////////////////////////////// // JS OIDC Sample ////////////////////////////////////////// new Client { ClientId = "js_oidc", ClientName = "JavaScript OIDC Client", ClientUri = "http://identityserver.io", AllowedGrantTypes = GrantTypes.Implicit, AllowAccessTokensViaBrowser = true, RedirectUris = new List <string> { "http://localhost:7017/index.html", "http://localhost:7017/silent_renew.html", }, PostLogoutRedirectUris = new List <string> { "http://localhost:7017/index.html", }, AllowedCorsOrigins = new List <string> { "http://localhost:7017" }, AllowedScopes = new List <string> { StandardScopes.OpenId.Name, StandardScopes.Profile.Name, StandardScopes.Email.Name, StandardScopes.Roles.Name, "api1", "api2" }, }, }); }
public static List <Client> Get() { return(new List <Client> { new Client { ClientName = "UserAuthProvider.ServiceStack.SelfHost", ClientId = "UserAuthProvider.ServiceStack.SelfHost", Enabled = true, AccessTokenType = AccessTokenType.Jwt, AllowedGrantTypes = GrantTypes.HybridAndClientCredentials, ClientSecrets = new List <Secret> { new Secret("F621F470-9731-4A25-80EF-67A6F7C5F4B8".Sha256()) }, RedirectUris = new List <string> { "http://localhost:5001/auth/IdentityServer" }, AllowedScopes = new List <string> { IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.Profile, IdentityServerConstants.StandardScopes.Email, "UserAuthProvider.ServiceStack.SelfHost" }, AllowOfflineAccess = true, RequireConsent = false }, // Service Web Client new Client { ClientName = "ServiceAuthProvider.ServiceStack.SelfHost", ClientId = "ServiceAuthProvider.ServiceStack.SelfHost", Enabled = true, AccessTokenType = AccessTokenType.Jwt, AllowedGrantTypes = GrantTypes.HybridAndClientCredentials, ClientSecrets = new List <Secret> { new Secret("26631ded-6165-4bdd-900d-182028495a8c".Sha256()) }, RedirectUris = new List <string> { "http://localhost:5001/auth/IdentityServer" }, AllowedScopes = new List <string> { IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.Profile, IdentityServerConstants.StandardScopes.Email, "ServiceAuthProvider.ServiceStack.SelfHost" }, AllowOfflineAccess = true, RequireConsent = false }, new Client { ClientName = "ServiceAuthProvider.ServiceStack.Api.SelfHost", ClientId = "ServiceAuthProvider.ServiceStack.Api.SelfHost", Enabled = true, AccessTokenType = AccessTokenType.Jwt, AllowedGrantTypes = GrantTypes.ClientCredentials, ClientSecrets = new List <Secret> { new Secret("358bbaad-7921-4785-999e-adfbef1eb1d1".Sha256()) }, AllowedScopes = new List <string> { IdentityServerConstants.StandardScopes.OpenId, "ServiceAuthProvider.ServiceStack.Api.SelfHost" } }, // Impersonate Web Client new Client { ClientName = "ImpersonateAuthProvider.ServiceStack.SelfHost", ClientId = "ImpersonateAuthProvider.ServiceStack.SelfHost", Enabled = true, AccessTokenType = AccessTokenType.Jwt, AllowedGrantTypes = GrantTypes.Hybrid, ClientSecrets = new List <Secret> { new Secret("99e1ae38-866c-4ff4-b9e0-dcfaeb3dbb4a".Sha256()) }, RedirectUris = new List <string> { "http://localhost:5001/auth/IdentityServer" }, RequireConsent = false, AllowedScopes = new List <string> { IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.Profile, IdentityServerConstants.StandardScopes.Email, "ImpersonateAuthProvider.ServiceStack.SelfHost" }, AllowOfflineAccess = true }, new Client { ClientName = "ImpersonateAuthProvider.ServiceStack.Api.SelfHost", ClientId = "ImpersonateAuthProvider.ServiceStack.Api.SelfHost", Enabled = true, AccessTokenType = AccessTokenType.Jwt, AllowedGrantTypes = GrantTypes.List(ActAsUserGrantValidator.GrantTypeName), ClientSecrets = new List <Secret> { new Secret("a9c08d7b-ffc2-49f4-99c9-ce232d9f0cf6".Sha256()) }, AllowedScopes = new List <string> { IdentityServerConstants.StandardScopes.OpenId, "ImpersonateAuthProvider.ServiceStack.Api.SelfHost" } } }); }
private async Task LoadIdentityServer4Data() { var fullClientStore = P7.Core.Global.ServiceProvider.GetServices <IFullClientStore>().FirstOrDefault(); await fullClientStore.InsertClientAsync(new Client { ClientId = "client", AllowedGrantTypes = GrantTypes.ClientCredentials, ClientSecrets = { new Secret("secret".Sha256()) }, AllowedScopes = { "arbitrary" } }); await fullClientStore.InsertClientAsync(new Client { ClientId = "resource-owner-client", AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowOfflineAccess = true, RefreshTokenUsage = TokenUsage.OneTimeOnly, ClientSecrets = { new Secret("secret".Sha256()) }, AllowedScopes = { "arbitrary" } }); await fullClientStore.InsertClientAsync(new Client { ClientId = "public-resource-owner-client", AllowedGrantTypes = GrantTypes.List("public_refresh_token"), RequireClientSecret = false, AllowedScopes = { "arbitrary" } }); var apiResourceList = new List <ApiResource> { new ApiResource("arbitrary", "Arbitrary Scope") { ApiSecrets = { new Secret("secret".Sha256()) } } }; var resourceStore = P7.Core.Global.ServiceProvider.GetServices <IResourceStore>().FirstOrDefault(); var adminResourceStore = P7.Core.Global.ServiceProvider.GetServices <IAdminResourceStore>().FirstOrDefault(); foreach (var apiResource in apiResourceList) { await adminResourceStore.ApiResourceStore.InsertApiResourceAsync(apiResource); } var dd = await adminResourceStore.ApiResourceStore.PageAsync(10, null); }
public static IEnumerable <Client> Get() { return(new List <Client> { new Client { ClientName = "Code Client", Enabled = true, ClientId = "codeclient", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.Code, AllowAccessToAllScopes = true, RequireConsent = false, RedirectUris = new List <string> { "https://server/cb", }, AuthorizationCodeLifetime = 60 }, new Client { ClientName = "Hybrid Client", Enabled = true, ClientId = "hybridclient", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.Code, AllowAccessToAllScopes = true, RequireConsent = false, RedirectUris = new List <string> { "https://server/cb", }, AuthorizationCodeLifetime = 60 }, new Client { ClientName = "Implicit Client", ClientId = "implicitclient", AllowedGrantTypes = GrantTypes.Implicit, AllowAccessToAllScopes = true, AllowAccessTokensViaBrowser = true, RequireConsent = false, RedirectUris = new List <string> { "oob://implicit/cb" }, }, new Client { ClientName = "Implicit and Client Credentials Client", Enabled = true, ClientId = "implicit_and_client_creds_client", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ImplicitAndClientCredentials, AllowAccessToAllScopes = true, RequireConsent = false, RedirectUris = new List <string> { "oob://implicit/cb" }, }, new Client { ClientName = "Code Client with Scope Restrictions", Enabled = true, ClientId = "codeclient_restricted", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.Code, RequireConsent = false, AllowedScopes = new List <string> { "openid" }, RedirectUris = new List <string> { "https://server/cb", }, }, new Client { ClientName = "Client Credentials Client", Enabled = true, ClientId = "client", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ClientCredentials, AllowAccessToAllScopes = true, AccessTokenType = AccessTokenType.Jwt }, new Client { ClientName = "Client Credentials Client (restricted)", Enabled = true, ClientId = "client_restricted", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ClientCredentials, AllowedScopes = new List <string> { "resource" }, }, new Client { ClientName = "Resource Owner Client", Enabled = true, ClientId = "roclient", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowAccessToAllScopes = true, }, new Client { ClientName = "Resource Owner Client", Enabled = true, ClientId = "roclient_absolute_refresh_expiration_one_time_only", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowAccessToAllScopes = true, RefreshTokenExpiration = TokenExpiration.Absolute, RefreshTokenUsage = TokenUsage.OneTimeOnly, AbsoluteRefreshTokenLifetime = 200 }, new Client { ClientName = "Resource Owner Client", Enabled = true, ClientId = "roclient_absolute_refresh_expiration_reuse", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowAccessToAllScopes = true, RefreshTokenExpiration = TokenExpiration.Absolute, RefreshTokenUsage = TokenUsage.ReUse, AbsoluteRefreshTokenLifetime = 200 }, new Client { ClientName = "Resource Owner Client", Enabled = true, ClientId = "roclient_sliding_refresh_expiration_one_time_only", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowAccessToAllScopes = true, RefreshTokenExpiration = TokenExpiration.Sliding, RefreshTokenUsage = TokenUsage.OneTimeOnly, AbsoluteRefreshTokenLifetime = 10, SlidingRefreshTokenLifetime = 4 }, new Client { ClientName = "Resource Owner Client", Enabled = true, ClientId = "roclient_sliding_refresh_expiration_reuse", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowAccessToAllScopes = true, RefreshTokenExpiration = TokenExpiration.Sliding, RefreshTokenUsage = TokenUsage.ReUse, AbsoluteRefreshTokenLifetime = 200, SlidingRefreshTokenLifetime = 100 }, new Client { ClientName = "Resource Owner Client (restricted)", Enabled = true, ClientId = "roclient_restricted", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowedScopes = new List <string> { "resource" }, }, new Client { ClientName = "Resource Owner Client (restricted with refresh)", Enabled = true, ClientId = "roclient_restricted_refresh", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowedScopes = new List <string> { "resource", "offline_access" }, }, new Client { ClientName = "Custom Grant Client", Enabled = true, ClientId = "customgrantclient", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.List("custom_grant"), AllowAccessToAllScopes = true, }, new Client { ClientName = "Disabled Client", Enabled = false, ClientId = "disabled", ClientSecrets = new List <Secret> { new Secret("invalid".Sha256()) }, AllowedGrantTypes = GrantTypes.ClientCredentials, AllowAccessToAllScopes = true, }, new Client { ClientName = "Reference Token Client", Enabled = true, ClientId = "referencetokenclient", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.Implicit, AllowAccessToAllScopes = true, AccessTokenType = AccessTokenType.Reference } }); }
// clients want to access resources (aka scopes) public static IEnumerable <Client> GetClients() { return(new List <Client> { /////////////////////////////////////////// // Console Client Credentials Flow Sample ////////////////////////////////////////// new Client { ClientId = "client", ClientName = "client", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ClientCredentials, AllowedScopes = new List <string> { "api1", "api2" } }, /////////////////////////////////////////// // Custom Grant Sample ////////////////////////////////////////// new Client { ClientId = "client.custom", ClientName = "client.custom", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.List("custom"), AllowedScopes = new List <string> { "api1", "api2" } }, /////////////////////////////////////////// // Console Resource Owner Flow Sample ////////////////////////////////////////// new Client { ClientId = "roclient", ClientName = "roclient", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowedScopes = new List <string> { StandardScopes.OpenId.Name, StandardScopes.Email.Name, StandardScopes.OfflineAccess.Name, "api1", "api2" } }, /////////////////////////////////////////// // Console Public Resource Owner Flow Sample ////////////////////////////////////////// new Client { ClientId = "roclient.public", ClientName = "roclient.public", RequireClientSecret = false, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowedScopes = new List <string> { StandardScopes.OpenId.Name, StandardScopes.Email.Name, StandardScopes.OfflineAccess.Name, "api1", "api2" } }, /////////////////////////////////////////// // Console Hybrid with PKCE Sample ////////////////////////////////////////// new Client { ClientId = "console.hybrid.pkce", ClientName = "Console Hybrid with PKCE Sample", RequireClientSecret = false, AllowedGrantTypes = GrantTypes.Hybrid, RequirePkce = true, RedirectUris = new List <string> { "http://127.0.0.1:7890/" }, AllowedScopes = new List <string> { StandardScopes.OpenId.Name, StandardScopes.Profile.Name, StandardScopes.Email.Name, StandardScopes.Roles.Name, StandardScopes.OfflineAccess.Name, "api1", "api2", }, }, /////////////////////////////////////////// // Introspection Client Sample ////////////////////////////////////////// new Client { ClientId = "roclient.reference", ClientName = "roclient.reference", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, AllowedScopes = new List <string> { "api1", "api2" }, AccessTokenType = AccessTokenType.Reference }, /////////////////////////////////////////// // MVC Implicit Flow Samples ////////////////////////////////////////// new Client { ClientId = "mvc.implicit", ClientName = "MVC Implicit", ClientUri = "http://identityserver.io", AllowedGrantTypes = GrantTypes.Implicit, AllowAccessTokensViaBrowser = true, RedirectUris = new List <string> { "http://localhost:44077/signin-oidc" }, PostLogoutRedirectUris = new List <string> { "http://localhost:44077/" }, LogoutUri = "http://localhost:44077/signout-oidc", AllowedScopes = new List <string> { StandardScopes.OpenId.Name, StandardScopes.Profile.Name, StandardScopes.Email.Name, StandardScopes.Roles.Name, "api1", "api2" }, }, /////////////////////////////////////////// // MVC Hybrid Flow Samples ////////////////////////////////////////// new Client { ClientId = "mvc.hybrid", ClientName = "MVC Hybrid", ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, ClientUri = "http://identityserver.io", AllowedGrantTypes = GrantTypes.Hybrid, AllowAccessTokensViaBrowser = false, RedirectUris = new List <string> { "http://localhost:21402/signin-oidc" }, PostLogoutRedirectUris = new List <string> { "http://localhost:21402/" }, LogoutUri = "http://localhost:21402/signout-oidc", AllowedScopes = new List <string> { StandardScopes.OpenId.Name, StandardScopes.Profile.Name, StandardScopes.Email.Name, StandardScopes.Roles.Name, StandardScopes.OfflineAccess.Name, "api1", "api2", }, }, /////////////////////////////////////////// // JS OAuth 2.0 Sample ////////////////////////////////////////// new Client { ClientId = "js_oauth", ClientName = "JavaScript OAuth 2.0 Client", ClientUri = "http://identityserver.io", AllowedGrantTypes = GrantTypes.Implicit, AllowAccessTokensViaBrowser = true, RedirectUris = new List <string> { "http://localhost:28895/index.html" }, AllowedCorsOrigins = new List <string> { "http://localhost:28895" }, AllowedScopes = new List <string> { "api1", "api2" }, }, /////////////////////////////////////////// // JS OIDC Sample ////////////////////////////////////////// new Client { ClientId = "js_oidc", ClientName = "JavaScript OIDC Client", ClientUri = "http://identityserver.io", AllowedGrantTypes = GrantTypes.Implicit, AllowAccessTokensViaBrowser = true, RedirectUris = new List <string> { "http://localhost:5000/index.html", "http://localhost:5000/silent_renew.html", }, PostLogoutRedirectUris = new List <string> { "http://localhost:5000/index.html", }, AllowedCorsOrigins = new List <string> { "http://localhost:5000" }, AllowedScopes = new List <string> { StandardScopes.OpenId.Name, StandardScopes.Profile.Name, StandardScopes.Email.Name, StandardScopes.Roles.Name, "api1", "api2" }, }, new Client { ClientId = "Postman", ClientName = "Postman", AllowedGrantTypes = GrantTypes.CodeAndClientCredentials, ClientUri = "https://www.getpostman.com/", UpdateAccessTokenClaimsOnRefresh = true, RequireConsent = false, AllowRememberConsent = true, ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, RedirectUris = new List <string> { "https://www.getpostman.com/oauth2/callback" }, //PostLogoutRedirectUris = new List<string> //{ // "http://localhost:5000" //}, AllowedScopes = new List <string> { StandardScopes.OpenId.Name, StandardScopes.Profile.Name, StandardScopes.Email.Name, StandardScopes.Roles.Name, "api1", "api2" } }, // Swagger UI new Client { ClientId = "your-client-id", ClientName = "Swagger UI", AllowedGrantTypes = GrantTypes.Implicit, AllowAccessTokensViaBrowser = true, RequireConsent = false, AllowRememberConsent = false, ClientSecrets = new List <Secret> { new Secret("secret".Sha256()) }, RedirectUris = new List <string> { "http://localhost:5000/swagger/ui/o2c.html" }, PostLogoutRedirectUris = new List <string> { "http://localhost:5000" }, AllowedScopes = new List <string> { StandardScopes.OpenId.Name, StandardScopes.Profile.Name, StandardScopes.OfflineAccess.Name, "api1" } } }); }
public void custom_should_be_allowed() { var client = new Client(); client.AllowedGrantTypes = GrantTypes.List("custom"); }