public void Configure(RemoteAuthenticationOptions <MsalProviderOptions> options) { options.UserOptions.ScopeClaim ??= "scp"; options.UserOptions.AuthenticationType ??= options.ProviderOptions.Authentication.ClientId; var redirectUri = options.ProviderOptions.Authentication.RedirectUri; if (redirectUri == null || !Uri.TryCreate(redirectUri, UriKind.Absolute, out _)) { redirectUri ??= "authentication/login-callback"; options.ProviderOptions.Authentication.RedirectUri = _navigationManager .ToAbsoluteUri(redirectUri).AbsoluteUri; } var logoutUri = options.ProviderOptions.Authentication.PostLogoutRedirectUri; if (logoutUri == null || !Uri.TryCreate(logoutUri, UriKind.Absolute, out _)) { logoutUri ??= "authentication/logout-callback"; options.ProviderOptions.Authentication.PostLogoutRedirectUri = _navigationManager .ToAbsoluteUri(logoutUri).AbsoluteUri; } options.ProviderOptions.Authentication.NavigateToLoginRequestUrl = false; }
public void PostConfigure(string name, RemoteAuthenticationOptions <MsalProviderOptions> options) { if (string.Equals(name, Options.DefaultName, StringComparison.Ordinal)) { Configure(options); } }
public static async Task Handle_Denied_Permissions(string query, string expected) { // Arrange var httpContext = new DefaultHttpContext(); var request = new DefaultHttpRequest(httpContext) { QueryString = new QueryString(query) }; var scheme = new AuthenticationScheme("amazon-auth", "Amazon", typeof(AmazonAuthenticationHandler)); var options = new RemoteAuthenticationOptions(); var failure = new InvalidOperationException(); var context = new RemoteFailureContext(httpContext, scheme, options, failure); var provider = Guid.NewGuid().ToString(); var secureDataFormat = Mock.Of <ISecureDataFormat <object> >(); var logger = Mock.Of <ILogger>(); // Act await OAuthEventsHandler.HandleRemoteFailure(context, provider, secureDataFormat, logger, PropertiesProvider); // Assert httpContext.Response.GetTypedHeaders().Location.OriginalString.ShouldBe(expected); }
/// <summary> /// Initializes a new instance. /// </summary> /// <param name="jsRuntime">The <see cref="IJSRuntime"/> to use for performing JavaScript interop operations.</param> /// <param name="options">The options to be passed down to the underlying JavaScript library handling the authentication operations.</param> /// <param name="navigation">The <see cref="NavigationManager"/> used to generate URLs.</param> /// <param name="accountClaimsPrincipalFactory">The <see cref="AccountClaimsPrincipalFactory{TAccount}"/> used to generate the <see cref="ClaimsPrincipal"/> for the user.</param> public RemoteAuthenticationService( IJSRuntime jsRuntime, IOptionsSnapshot <RemoteAuthenticationOptions <TProviderOptions> > options, NavigationManager navigation, AccountClaimsPrincipalFactory <TAccount> accountClaimsPrincipalFactory) { JsRuntime = jsRuntime; Navigation = navigation; AccountClaimsPrincipalFactory = accountClaimsPrincipalFactory; Options = options.Value; }
public void EnsureBackOfficeScheme_When_Not_Backoffice_Auth_Scheme_Expect_No_Change() { var scheme = "test"; var options = new RemoteAuthenticationOptions { SignInScheme = "my_cookie" }; var sut = new BackOfficeAuthenticationBuilder.EnsureBackOfficeScheme <RemoteAuthenticationOptions>(); sut.PostConfigure(scheme, options); Assert.AreNotEqual(options.SignInScheme, Constants.Security.BackOfficeExternalAuthenticationType); }
public AccountService(HttpClient httpClient, AuthenticationStateProvider authenticationStateProvider, AccessTokenService accessTokenService, SignOutSessionStateManager signOutManager, IOptions <RemoteAuthenticationOptions <OidcProviderOptions> > options ) { _httpClient = httpClient; _authenticationStateProvider = authenticationStateProvider; _accessTokenService = accessTokenService; _signOutManager = signOutManager; _options = options.Value; }
/// <summary> /// Initializes a new instance. /// </summary> /// <param name="jsRuntime">The <see cref="IJSRuntime"/> to use for performing JavaScript interop operations.</param> /// <param name="options">The options to be passed down to the underlying JavaScript library handling the authentication operations.</param> /// <param name="navigation">The <see cref="NavigationManager"/> used to generate URLs.</param> /// <param name="accountClaimsPrincipalFactory">The <see cref="AccountClaimsPrincipalFactory{TAccount}"/> used to generate the <see cref="ClaimsPrincipal"/> for the user.</param> /// <param name="logger">The logger to use for login authentication operations.</param> public RemoteAuthenticationService( IJSRuntime jsRuntime, IOptionsSnapshot <RemoteAuthenticationOptions <TProviderOptions> > options, NavigationManager navigation, AccountClaimsPrincipalFactory <TAccount> accountClaimsPrincipalFactory, ILogger <RemoteAuthenticationService <TRemoteAuthenticationState, TAccount, TProviderOptions> > logger) { JsRuntime = jsRuntime; Navigation = navigation; AccountClaimsPrincipalFactory = accountClaimsPrincipalFactory; Options = options.Value; _loggingOptions = new JavaScriptLoggingOptions(logger?.IsEnabled(LogLevel.Debug) ?? false, logger?.IsEnabled(LogLevel.Trace) ?? false); }
public void PostConfigure(string name, RemoteAuthenticationOptions <OidcProviderOptions> options) { }
public static void Configure(RemoteAuthenticationOptions <PublicClientApplicationOptions> options) { options.UserOptions.ScopeClaim ??= "scp"; options.UserOptions.AuthenticationType ??= options.ProviderOptions.ClientId; }
void SetCommonProviderOptions(RemoteAuthenticationOptions options) { options.SignInScheme = "Dolittle.External"; // TODO: How do we get this aligned with the rest - some circular dependency here options.Events.OnTicketReceived = TicketRecieved; }
/// <summary> /// Auto assign auth settings from tenant /// Add tenant to callback paths /// </summary> /// <param name="tenant">The tenant</param> /// <param name="navigationManager">The navigation manage</param> /// <param name="options">The options</param> public static void AssignPathsOptionsForTenantOrDefault(Tenant tenant, NavigationManager navigationManager, RemoteAuthenticationOptions <OidcProviderOptions> options) { if (tenant != null) { options.AuthenticationPaths.LogInCallbackPath = $"{tenant.Identifier}/{RemoteAuthenticationDefaults.LoginCallbackPath}"; options.AuthenticationPaths.LogInFailedPath = $"{tenant.Identifier}/{RemoteAuthenticationDefaults.LoginFailedPath}"; options.AuthenticationPaths.LogInPath = $"{tenant.Identifier}/{RemoteAuthenticationDefaults.LoginPath}"; options.AuthenticationPaths.LogOutCallbackPath = $"{tenant.Identifier}/{RemoteAuthenticationDefaults.LogoutCallbackPath}"; options.AuthenticationPaths.LogOutFailedPath = $"{tenant.Identifier}/{RemoteAuthenticationDefaults.LogoutFailedPath}"; options.AuthenticationPaths.LogOutPath = $"{tenant.Identifier}/{RemoteAuthenticationDefaults.LogoutPath}"; options.AuthenticationPaths.LogOutSucceededPath = $"{tenant.Identifier}/{RemoteAuthenticationDefaults.LogoutSucceededPath}"; options.AuthenticationPaths.ProfilePath = $"{tenant.Identifier}/{RemoteAuthenticationDefaults.ProfilePath}"; options.AuthenticationPaths.RegisterPath = $"{tenant.Identifier}/{RemoteAuthenticationDefaults.RegisterPath}"; options.ProviderOptions.PostLogoutRedirectUri = $"{navigationManager.BaseUri}{options.AuthenticationPaths.LogOutCallbackPath}"; options.ProviderOptions.RedirectUri = $"{navigationManager.BaseUri}{options.AuthenticationPaths.LogInCallbackPath}"; } }
public AccessTokenService(LocalStorage localStorage, IOptions <RemoteAuthenticationOptions <OidcProviderOptions> > options) { _localStorage = localStorage; _options = options.Value; }