-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #11 from sztrelcsikzoltan/06-identityserver
06 identityserver
- Loading branch information
Showing
9 changed files
with
282 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,145 @@ | ||
| using IdentityServer4; | ||
| using IdentityServer4.Models; | ||
| using System.Collections.Generic; | ||
|
|
||
| namespace IdentityServer | ||
| { | ||
| public static class Config | ||
| { | ||
| public static IEnumerable<IdentityResource> GetIdentityResources() | ||
| { | ||
| return new IdentityResource[] | ||
| { | ||
| new IdentityResources.OpenId(), | ||
| // further resources (not used) | ||
| new IdentityResources.Email(), | ||
| new IdentityResources.Profile(), | ||
| }; | ||
| } | ||
|
|
||
| public static IEnumerable<ApiResource> GetApis() | ||
| { | ||
| return new List<ApiResource> | ||
| { | ||
| new ApiResource("InvestmentManagerAPI","Investment Manager API") | ||
| }; | ||
| } | ||
|
|
||
| /* | ||
| // with specifying JwtClaimTypes | ||
| public static IEnumerable<ApiResource> GetApis() | ||
| { | ||
| var resources = new List<ApiResource>(); | ||
| resources.Add(new ApiResource("InvestmentManagerAPI", "Investment Manager API", new[] { JwtClaimTypes.Subject, JwtClaimTypes.Email, JwtClaimTypes.Role, JwtClaimTypes.Profile })); | ||
| return resources; | ||
| } | ||
| */ | ||
|
|
||
| public static IEnumerable<Client> GetClients() | ||
| { | ||
| return new List<Client> | ||
| { | ||
| new Client | ||
| { | ||
| ClientId = "client1", | ||
| AllowedGrantTypes = GrantTypes.ClientCredentials, | ||
| ClientSecrets = | ||
| { | ||
| new Secret("secret1".Sha256()) | ||
| }, | ||
| AllowedScopes = {"InvestmentManagerAPI"}, | ||
| Claims = { new System.Security.Claims.Claim("policy","healthChecks")} //client_policy at client end! | ||
|
|
||
| }, | ||
| new Client | ||
| { | ||
| ClientId = "client2", | ||
| AllowedGrantTypes = GrantTypes.ClientCredentials, | ||
| ClientSecrets = | ||
| { | ||
| new Secret("secret2".Sha256()) | ||
| }, | ||
| AllowedScopes = {"InvestmentManagerAPI"}, | ||
| // Claims = { new System.Security.Claims.Claim("policy","healthChecks")} //client_policy at client end! | ||
|
|
||
| } | ||
| }; | ||
| } | ||
|
|
||
| // configuring Clients in a more detailed way (not used) | ||
| // private static object _securityConfig; | ||
| public static IEnumerable<Client> Clients() | ||
| { | ||
|
|
||
| var Clients = new List<Client>(); | ||
|
|
||
| Clients.Add(new Client | ||
| { | ||
| ClientId = "client", | ||
| // ClientSecrets = { new Secret(_securityConfig.Secret.Sha256()) }, | ||
| AllowedGrantTypes = GrantTypes.ClientCredentials, | ||
| // scopes that client has access to | ||
| AllowedScopes = { "identity" } | ||
| }); | ||
|
|
||
| Clients.Add(new Client | ||
| { | ||
| ClientId = "mvc", | ||
| ClientName = "MVC Client", | ||
|
|
||
| AllowedGrantTypes = GrantTypes.HybridAndClientCredentials, | ||
| //RequirePkce = true, | ||
| ClientSecrets = { new Secret("_securityConfig.Secret".Sha256()) }, | ||
| RequireConsent = false, | ||
| //RedirectUris = _securityConfig.RedirectURIs, | ||
| //FrontChannelLogoutUri = _securityConfig.SignoutUris, | ||
| //PostLogoutRedirectUris = _securityConfig.PostLogoutUris, | ||
| AllowOfflineAccess = true, | ||
| AllowAccessTokensViaBrowser = true, | ||
| AllowedScopes = new List<string> | ||
| { | ||
| IdentityServerConstants.StandardScopes.OpenId, | ||
| IdentityServerConstants.StandardScopes.Profile, | ||
| IdentityServerConstants.StandardScopes.Email, | ||
| IdentityServerConstants.StandardScopes.OfflineAccess, | ||
| "identity" | ||
| } | ||
|
|
||
| }); | ||
|
|
||
| return Clients; | ||
| } | ||
|
|
||
| public static IEnumerable<Client> GetClients2() | ||
| { | ||
| // client credentials client | ||
| return new List<Client> | ||
| { | ||
| // resource owner password grant client | ||
| new Client | ||
| { | ||
| ClientId = "ro.angular", | ||
| AllowedGrantTypes = GrantTypes.ResourceOwnerPassword, | ||
|
|
||
| ClientSecrets = | ||
| { | ||
| new Secret("secret".Sha256()) | ||
| }, | ||
| AllowedScopes = { | ||
| IdentityServerConstants.StandardScopes.OpenId, | ||
| IdentityServerConstants.StandardScopes.Profile, | ||
| IdentityServerConstants.StandardScopes.Email, | ||
| IdentityServerConstants.StandardScopes.Address, | ||
| "api1" | ||
| }, | ||
| AllowOfflineAccess = true, | ||
| RefreshTokenUsage = TokenUsage.ReUse, | ||
| RefreshTokenExpiration = TokenExpiration.Sliding | ||
| } | ||
| }; | ||
| } | ||
|
|
||
| } | ||
| } |
42 changes: 42 additions & 0 deletions
42
InvestmentManager/IdentityServer/Controllers/ValuesController.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,42 @@ | ||
| using Microsoft.AspNetCore.Mvc; | ||
| using System.Collections.Generic; | ||
|
|
||
| namespace IdentityServer.Controllers | ||
| { | ||
| [Route("api/[controller]")] | ||
| [ApiController] | ||
| public class ValuesController : ControllerBase | ||
| { | ||
| // GET api/values | ||
| [HttpGet] | ||
| public ActionResult<IEnumerable<string>> Get() | ||
| { | ||
| return new string[] { "value1", "value2" }; | ||
| } | ||
|
|
||
| // GET api/values/5 | ||
| [HttpGet("{id}")] | ||
| public ActionResult<string> Get(int id) | ||
| { | ||
| return "value"; | ||
| } | ||
|
|
||
| // POST api/values | ||
| [HttpPost] | ||
| public void Post([FromBody] string value) | ||
| { | ||
| } | ||
|
|
||
| // PUT api/values/5 | ||
| [HttpPut("{id}")] | ||
| public void Put(int id, [FromBody] string value) | ||
| { | ||
| } | ||
|
|
||
| // DELETE api/values/5 | ||
| [HttpDelete("{id}")] | ||
| public void Delete(int id) | ||
| { | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| <Project Sdk="Microsoft.NET.Sdk.Web"> | ||
|
|
||
| <PropertyGroup> | ||
| <TargetFramework>net6.0</TargetFramework> | ||
| <Nullable>enable</Nullable> | ||
| <ImplicitUsings>disable</ImplicitUsings> | ||
| <OutputType>Exe</OutputType> | ||
| </PropertyGroup> | ||
|
|
||
| <ItemGroup> | ||
| <PackageReference Include="IdentityServer4.AspNetIdentity" Version="3.1.4" /> | ||
| </ItemGroup> | ||
|
|
||
| </Project> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,45 @@ | ||
| using IdentityServer; | ||
| using Microsoft.AspNetCore.Builder; | ||
| using Microsoft.Extensions.DependencyInjection; | ||
| using Microsoft.Extensions.Hosting; | ||
|
|
||
| var builder = WebApplication.CreateBuilder(args); | ||
|
|
||
| // Add services to the container. | ||
|
|
||
| builder.Services.AddIdentityServer(options => | ||
| // to get more error logs | ||
| { | ||
| options.Events.RaiseErrorEvents = true; | ||
| options.Events.RaiseInformationEvents = true; | ||
| options.Events.RaiseFailureEvents = true; | ||
| options.Events.RaiseSuccessEvents = true; | ||
| }) | ||
| .AddInMemoryIdentityResources(Config.GetIdentityResources()) | ||
| .AddInMemoryApiResources(Config.GetApis()) | ||
| .AddInMemoryClients(Config.GetClients()) | ||
| .AddDeveloperSigningCredential() | ||
| .AddInMemoryPersistedGrants(); | ||
| // furhter options if needed | ||
| //.AddInMemoryIdentityResources(GetIdentityResources()) | ||
| //.AddInMemoryApiResources(GetApiResources()) | ||
| //.AddInMemoryClients(GetClients()) | ||
| //.AddAspNetIdentity<User>(); | ||
|
|
||
| var app = builder.Build(); | ||
|
|
||
| // Configure the HTTP request pipeline. | ||
|
|
||
| if (builder.Environment.IsDevelopment()) | ||
| { | ||
| app.UseDeveloperExceptionPage(); | ||
| } | ||
| else | ||
| { | ||
| // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts. | ||
| // app.UseHsts(); | ||
| } | ||
|
|
||
| app.UseIdentityServer(); | ||
|
|
||
| app.Run(); |
11 changes: 11 additions & 0 deletions
11
InvestmentManager/IdentityServer/Properties/launchSettings.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| { | ||
| "profiles": { | ||
| "IdentityServer": { | ||
| "commandName": "Project", | ||
| "applicationUrl": "https://localhost:53336;http://localhost:50337", | ||
| "environmentVariables": { | ||
| "ASPNETCORE_ENVIRONMENT": "Development" | ||
| } | ||
| } | ||
| } | ||
| } |
8 changes: 8 additions & 0 deletions
8
InvestmentManager/IdentityServer/appsettings.Development.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| { | ||
| "Logging": { | ||
| "LogLevel": { | ||
| "Default": "Information", | ||
| "Microsoft.AspNetCore": "Warning" | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| { | ||
| "Logging": { | ||
| "LogLevel": { | ||
| "Default": "Information", | ||
| "Microsoft.AspNetCore": "Warning" | ||
| } | ||
| }, | ||
| "AllowedHosts": "*" | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| {"KeyId":"Ptrxrv-3gsMlKk5U0XkO3A","Parameters":{"D":"UgHxCTXkZarIV7qnOxczDxfuy/xyMdIHH2cZI65CqZuZb9mIerBnxRRVhRmtSAQDokashI5nrGdZoQ5599blX4DrVZKvjwvNK74DAR1ip9l7UeP+TDef1R7IjOC+xoDTwBLfZxLtyhvYd3K5VDt73TIjhMFLx5WzL+TNoeHOFcj+N/n8FZNk+wnSSr8g0G8RxZtEudweqP63GMO6DzSjJJcpQICqCXAH8QjdwuRkGonmt1QyrLda1O8Z687YzY3BvycMJ08d2yeK3FRS9XpzBCII3q9olk5Xlk8gRc3fL73rCNILL1ifHSV06LYhmdaTDiuHuwV7efZVCKfeJq/S3Q==","DP":"RYrZoDgFwruaozGrOAy6Hpoi2vVRihkSnPj/rycfAA86+wBH8HTZColujOhA8/76Oe+CPfWvtRR1jB4rflBZq+AqcP2X/7tNs9f6X/+eS+dvnSkFPXALkauJTV/AgAGdK33KPs8sJsRi8x+4/OM/M5i97LeaYn83JM4/4FNTyZE=","DQ":"PpU7ntWAX0Rx43Z+Ux9qdjknv8TTQ/J/l/RUIwJbFTfOXBOW+DpBmfnd4Uiod48AvbVYaUajo5m2Do3d/Y0V600j2Nub86cDg3ZEWGz/n7XYufhutITlNlxy3cbXURsTkZ7BMsrKQ7PbRZXrNyOz1AzwBjnoh24kd+d0GBrpJ5E=","Exponent":"AQAB","InverseQ":"1ZPKAfARj5d3VjdF/ajJVaT+NakG3sFf7tIjLRCMIGGfND8iak2paDJ0PLvMv57hZkJEL8k/XZ/L5C9aDg0u8FGD6LoIWphOQJ1iQTtMjmqqzN7la+15dDQ6LYfArLtI393ToBX4pWWgPgafXkYkWtgaKPDHLfGQeYxkDjq+PnE=","Modulus":"xYcW/wVUvVT9CoTSUY7oz3hYU+FizYGACXeZNVnPDhGCijQSERNboEIvo9zoyTTwbnEP09gvS6VR2YUFDi/dIqLQsEMJsqLUAqBxf2zPE8TUoS68CxUpGDbZbkWtXbwSaWue4iZDgebdkS1inv67Ebdtqo7sJYkemj7OxV6Q6IE6OW7J9oMVhc99BdK9sf4RzmMh/v7Fp83X+lXzpB47DKYGkgNYE5DZBICyBVgBzuDoyWlvTuI9P6/omMflOueRw8z9HpJnR2nt/Of6f9xvmb/xfUUYI8FnT+7Z4GXamydXVLR5XRVDkA28bVfCmB8xcwbhcOIs3S3OJ7K33muR/Q==","P":"1e5+c2DggHLxRv9O2VqtwDgooQYDpWD1Na9mq8YbMhBIahKvWp0xsWTCdJgOLrgq+2gQslMHuUv52r7RVWlcVnHlez3rx7TLNpNAyvWASFw7qD0rPa8qOP7h00+rBCi54oXiiu2UBNAllPDcS1KH0iTu26HgNJqBDsXlc00NIf8=","Q":"7F7O18T5lDHTB8ufXCVCxK+YCDYZ2/gGw4KZEidkjXBL1JhMp9oj8Uw+Px9rwvjsPbMjCJoY78qO7y4Y9D4iHY1D9DB2QHyBgwk0B89BdM8ktCA7NFbGc3RkeT0YUA60S8601vxMORjjdXREpe38Vmgo4kkogL9g/Tmn8g7j1AM="}} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters