public static AuthenticationBuilder AddIdPortenAuth(this AuthenticationBuilder authBuilder, IdPortenConfig config)
{
return(authBuilder
.AddOpenIdConnect(ExternalProviders.IdPorten, "ID-porten", options =>
{
options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
options.SignOutScheme = IdentityServerConstants.SignoutScheme;
options.MetadataAddress = config.BaseUrl + ".well-known/openid-configuration";
options.ResponseType = "code";
options.Authority = config.BaseUrl;
options.ClientId = config.ClientId;
options.ClientSecret = config.ClientSecret;
options.TokenValidationParameters = new TokenValidationParameters
{
NameClaimType = "name",
RoleClaimType = "role"
};
options.Events.OnRedirectToIdentityProvider = context =>
{
// force reauthentication for each verification attempt
context.ProtocolMessage.Prompt = "login";
return Task.CompletedTask;
};
}));
}
public static AuthenticationBuilder AddIdPortenAuth(this AuthenticationBuilder authBuilder, IdPortenConfig config)
{
return(authBuilder
.AddOpenIdConnect(ExternalProviders.IdPorten, "ID-porten", options =>
{
options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
options.SignOutScheme = IdentityServerConstants.SignoutScheme;
options.MetadataAddress = config.BaseUrl + ".well-known/openid-configuration";
options.ResponseType = "code";
options.Authority = config.BaseUrl;
options.ClientId = config.ClientId;
options.ClientSecret = config.ClientSecret;
options.TokenValidationParameters = new TokenValidationParameters
{
NameClaimType = "name",
RoleClaimType = "role"
};
}));
}
