/// <summary>
/// Retrieves configuration from a named OpenID Connect handler
/// </summary>
/// <param name="schemeName"></param>
/// <returns></returns>
/// <exception cref="InvalidOperationException"></exception>
public virtual async Task <(OpenIdConnectOptions options, OpenIdConnectConfiguration configuration)> GetOpenIdConnectSettingsAsync(string schemeName)
{
OpenIdConnectOptions options;
if (string.IsNullOrWhiteSpace(schemeName))
{
var scheme = await _schemeProvider.GetDefaultChallengeSchemeAsync();
if (scheme is null)
{
throw new InvalidOperationException("No OpenID Connect authentication scheme configured for getting client configuration. Either set the scheme name explicitly or set the default challenge scheme");
}
options = _oidcOptions.Get(scheme.Name);
}
else
{
options = _oidcOptions.Get(schemeName);
}
OpenIdConnectConfiguration configuration;
try
{
configuration = await options.ConfigurationManager.GetConfigurationAsync(default);
async public Task Post([FromRoute] string scheme)
{
var context = _accessor.HttpContext;
if (string.IsNullOrEmpty(scheme))
{
await context.ChallengeAsync();
return;
}
if (context.User.Identity.IsAuthenticated)
{
await Logout();
}
var schemes = await schemas.GetAllSchemesAsync();
var currentScheme = schemes.FirstOrDefault(x => x.Name.Equals(scheme, StringComparison.OrdinalIgnoreCase))
?.Name
?? (await schemas.GetDefaultChallengeSchemeAsync()).Name;
var properties = new AuthenticationProperties()
{
AllowRefresh = true,
IsPersistent = true
};
await context.ChallengeAsync(currentScheme, properties);
}
private async Task VerifyAllDefaults(IAuthenticationSchemeProvider provider, AuthenticationScheme?expected)
{
Assert.Equal(await provider.GetDefaultForbidSchemeAsync(), expected);
Assert.Equal(await provider.GetDefaultAuthenticateSchemeAsync(), expected);
Assert.Equal(await provider.GetDefaultChallengeSchemeAsync(), expected);
Assert.Equal(await provider.GetDefaultSignInSchemeAsync(), expected);
Assert.Equal(await provider.GetDefaultSignOutSchemeAsync(), expected);
}
private async Task <SpaceOptions> GetSpaceOptionsAsync()
{
if (string.IsNullOrEmpty(_options.Scheme))
{
var scheme = await _schemeProvider.GetDefaultChallengeSchemeAsync();
return(_spaceOptions.Get(scheme.Name));
}
return(_spaceOptions.Get(_options.Scheme));
}
private async Task <OpenIdConnectOptions> GetOidcOptionsAsync()
{
if (!string.IsNullOrEmpty(_managementOptions.Scheme))
{
return(_oidcOptions.Get(_managementOptions.Scheme));
}
var scheme = await _schemeProvider.GetDefaultChallengeSchemeAsync();
return(_oidcOptions.Get(scheme.Name));
}
private async Task <TokenValidationParameters> GetTokenValidationParameters()
{
var scheme = await _authenticationSchemeProvider.GetDefaultChallengeSchemeAsync();
if (scheme == null)
{
throw new Exception("Failed to obtain default challenge scheme");
}
var options = _optionsMonitor.Get(scheme.Name);
if (options == null)
{
throw new Exception("Failed to obtain OIDC options for default challenge scheme");
}
var config = options.Configuration;
if (config == null)
{
config = await options.ConfigurationManager.GetConfigurationAsync(CancellationToken.None);
}
if (config == null)
{
throw new Exception("Failed to obtain OIDC configuration");
}
var parameters = new TokenValidationParameters
{
ValidIssuer = config.Issuer,
ValidAudience = options.ClientId,
IssuerSigningKeys = config.SigningKeys,
NameClaimType = JwtClaimTypes.Name,
RoleClaimType = JwtClaimTypes.Role
};
return(parameters);
}
/// <summary>
/// Retrieves configuration from a named OpenID Connect handler
/// </summary>
/// <param name="schemeName"></param>
/// <returns></returns>
/// <exception cref="InvalidOperationException"></exception>
public virtual async Task <OAuthOptions> GetOptions(string schemeName)
{
OAuthOptions options;
if (string.IsNullOrWhiteSpace(schemeName))
{
var scheme = await _schemeProvider.GetDefaultChallengeSchemeAsync();
if (scheme is null)
{
throw new InvalidOperationException("No OpenID Connect authentication scheme configured for getting client configuration. Either set the scheme name explicitly or set the default challenge scheme");
}
options = _oidcOptions.Get(scheme.Name);
}
else
{
options = _oidcOptions.Get(schemeName);
}
return(options);
}
public Task <AuthenticationScheme> GetDefaultChallengeSchemeAsync()
{
return(_inner.GetDefaultChallengeSchemeAsync());
}
private async Task <OpenIdConnectOptions> GetOidcOptionsAsync()
{
var scheme = await _schemeProvider.GetDefaultChallengeSchemeAsync();
return(_oidcOptions.Get(scheme.Name));
}