public static CombinedAuthenticationOptions FromIdentityServerAuthenticationOptions(IdentityServerAuthenticationOptions options) { var combinedOptions = new CombinedAuthenticationOptions() { TokenRetriever = options.TokenRetriever, AuthenticationScheme = options.AuthenticationScheme, PassThruOptions = new NopAuthenticationOptions() { AuthenticationScheme = options.AuthenticationScheme, AutomaticAuthenticate = options.AutomaticAuthenticate, AutomaticChallenge = options.AutomaticChallenge } }; switch (options.SupportedTokens) { case SupportedTokens.Jwt: combinedOptions.JwtBearerOptions = ConfigureJwt(options); break; case SupportedTokens.Reference: combinedOptions.IntrospectionOptions = ConfigureIntrospection(options); break; case SupportedTokens.Both: combinedOptions.JwtBearerOptions = ConfigureJwt(options); combinedOptions.IntrospectionOptions = ConfigureIntrospection(options); break; default: throw new Exception("SupportedTokens has invalid value"); } combinedOptions.ScopeValidationOptions = new ScopeValidationOptions { AllowedScopes = new string[] { } }; if (options.ValidateScope) { var allowedScopes = new List <string>(); if (options.AllowedScopes != null && options.AllowedScopes.Any()) { allowedScopes.AddRange(options.AllowedScopes); } if (allowedScopes.Any()) { combinedOptions.ScopeValidationOptions = new ScopeValidationOptions { AllowedScopes = allowedScopes, AuthenticationScheme = options.AuthenticationScheme }; } } return(combinedOptions); }
public IdentityServerAuthenticationMiddleware(RequestDelegate next, IApplicationBuilder app, CombinedAuthenticationOptions options, ILogger <IdentityServerAuthenticationMiddleware> logger) { _options = options; _logger = logger; // building pipeline for introspection middleware if (options.IntrospectionOptions != null) { var introspectionBuilder = app.New(); introspectionBuilder.UseOAuth2IntrospectionAuthentication(options.IntrospectionOptions); introspectionBuilder.Run(ctx => next(ctx)); _introspectionNext = introspectionBuilder.Build(); } // building pipeline for JWT bearer middleware if (options.JwtBearerOptions != null) { var jwtBuilder = app.New(); jwtBuilder.UseJwtBearerAuthentication(options.JwtBearerOptions); jwtBuilder.Run(ctx => next(ctx)); _jwtNext = jwtBuilder.Build(); } // building pipeline for no token var nopBuilder = app.New(); nopBuilder.UseMiddleware <NopAuthenticationMiddleware>(Options.Create(options.PassThruOptions)); nopBuilder.Run(ctx => next(ctx)); _nopNext = nopBuilder.Build(); }
public IdentityServerAuthenticationMiddleware(RequestDelegate next, IApplicationBuilder app, CombinedAuthenticationOptions options, ILogger<IdentityServerAuthenticationMiddleware> logger) { _next = next; _options = options; _logger = logger; // building pipeline for introspection middleware if (options.IntrospectionOptions != null) { var introspectionBuilder = app.New(); introspectionBuilder.UseOAuth2IntrospectionAuthentication(options.IntrospectionOptions); introspectionBuilder.Run(ctx => next(ctx)); _introspectionNext = introspectionBuilder.Build(); } // building pipeline for JWT bearer middleware if (options.JwtBearerOptions != null) { var jwtBuilder = app.New(); jwtBuilder.UseJwtBearerAuthentication(options.JwtBearerOptions); jwtBuilder.Run(ctx => next(ctx)); _jwtNext = jwtBuilder.Build(); } // building pipeline for no token var nopBuilder = app.New(); var nopOptions = new NopAuthenticationOptions { AuthenticationScheme = options.AuthenticationScheme }; nopBuilder.UseMiddleware<NopAuthenticationMiddleware>(nopOptions); nopBuilder.Run(ctx => next(ctx)); _nopNext = nopBuilder.Build(); }
public static IApplicationBuilder UseIdentityServerAuthentication(this IApplicationBuilder app, IdentityServerAuthenticationOptions options) { var combinedOptions = new CombinedAuthenticationOptions(); combinedOptions.TokenRetriever = options.TokenRetriever; combinedOptions.AuthenticationScheme = options.AuthenticationScheme; switch (options.SupportedTokens) { case SupportedTokens.Jwt: combinedOptions.JwtBearerOptions = ConfigureJwt(options); break; case SupportedTokens.Reference: combinedOptions.IntrospectionOptions = ConfigureIntrospection(options); break; case SupportedTokens.Both: combinedOptions.JwtBearerOptions = ConfigureJwt(options); combinedOptions.IntrospectionOptions = ConfigureIntrospection(options); break; default: throw new Exception("SupportedTokens has invalid value"); } app.UseMiddleware<IdentityServerAuthenticationMiddleware>(app, combinedOptions); var allowedScopes = new List<string>(); if (!string.IsNullOrWhiteSpace(options.ScopeName)) { allowedScopes.Add(options.ScopeName); } if (options.AdditionalScopes != null && options.AdditionalScopes.Any()) { allowedScopes.AddRange(options.AdditionalScopes); } if (allowedScopes.Any()) { var scopeOptions = new ScopeValidationOptions { AllowedScopes = allowedScopes, AuthenticationScheme = options.AuthenticationScheme }; app.AllowScopes(scopeOptions); } return app; }
public static CombinedAuthenticationOptions FromIdentityServerAuthenticationOptions(IdentityServerAuthenticationOptions options) { var combinedOptions = new CombinedAuthenticationOptions(); combinedOptions.TokenRetriever = options.TokenRetriever; combinedOptions.AuthenticationScheme = options.AuthenticationScheme; switch (options.SupportedTokens) { case SupportedTokens.Jwt: combinedOptions.JwtBearerOptions = ConfigureJwt(options); break; case SupportedTokens.Reference: combinedOptions.IntrospectionOptions = ConfigureIntrospection(options); break; case SupportedTokens.Both: combinedOptions.JwtBearerOptions = ConfigureJwt(options); combinedOptions.IntrospectionOptions = ConfigureIntrospection(options); break; default: throw new Exception("SupportedTokens has invalid value"); } if (options.ValidateScope) { var allowedScopes = new List <string>(); if (!string.IsNullOrWhiteSpace(options.ScopeName)) { allowedScopes.Add(options.ScopeName); } if (options.AdditionalScopes != null && options.AdditionalScopes.Any()) { allowedScopes.AddRange(options.AdditionalScopes); } if (allowedScopes.Any()) { var scopeOptions = new ScopeValidationOptions { AllowedScopes = allowedScopes, AuthenticationScheme = options.AuthenticationScheme }; combinedOptions.ScopeValidationOptions = scopeOptions; } else { var scopeOptions = new ScopeValidationOptions { AllowedScopes = new string[] { } }; combinedOptions.ScopeValidationOptions = scopeOptions; } } return(combinedOptions); }