From 55271568e91f9a72f08c0a5905bddf4400502bee Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ram=C3=B3n=20Tom=C3=A1s?=
Date: Mon, 29 May 2017 08:30:33 +0200
Subject: [PATCH] Changed Xamarin app authentication to Hybrid flow
---
 .../Services/Identity/IdentityService.cs | 7 ++---
 .../Identity.API/Configuration/Config.cs | 26 ++++++++++++-------
 2 files changed, 20 insertions(+), 13 deletions(-)
diff --git a/src/Mobile/eShopOnContainers/eShopOnContainers.Core/Services/Identity/IdentityService.cs b/src/Mobile/eShopOnContainers/eShopOnContainers.Core/Services/Identity/IdentityService.cs
index de80cec93..e144eb6ff 100644
--- a/src/Mobile/eShopOnContainers/eShopOnContainers.Core/Services/Identity/IdentityService.cs
+++ b/src/Mobile/eShopOnContainers/eShopOnContainers.Core/Services/Identity/IdentityService.cs
@@ -14,8 +14,9 @@ namespace eShopOnContainers.Core.Services.Identity
 // Dictionary with values for the authorize request
 var dic = new Dictionary();
 dic.Add("client_id", "xamarin");
- dic.Add("response_type", "id_token token");
- dic.Add("scope", "openid profile basket orders");
+ dic.Add("client_secret", "secret");
+ dic.Add("response_type", "code id_token token");
+ dic.Add("scope", "openid profile basket orders offline_access");
 dic.Add("redirect_uri", GlobalSetting.Instance.IdentityCallback);
 dic.Add("nonce", Guid.NewGuid().ToString("N"));
@@ -24,7 +25,7 @@ namespace eShopOnContainers.Core.Services.Identity
 var currentCSRFToken = Guid.NewGuid().ToString("N");
 dic.Add("state", currentCSRFToken);
- var authorizeUri = authorizeRequest.Create(dic);
+ var authorizeUri = authorizeRequest.Create(dic);
 return authorizeUri;
 }
diff --git a/src/Services/Identity/Identity.API/Configuration/Config.cs b/src/Services/Identity/Identity.API/Configuration/Config.cs
index 744d0a0ce..260989da4 100644
--- a/src/Services/Identity/Identity.API/Configuration/Config.cs
+++ b/src/Services/Identity/Identity.API/Configuration/Config.cs
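Review bot: `dic.Add("client_secret", "secret");` sends the client secret on the front channel — it becomes part of the authorize URL that `authorizeRequest.Create(dic)` builds, so it ends up in the system browser's history and in the identity server's request logs, and the authorize endpoint does not consume `client_secret` anyway (it is a token-endpoint parameter). Delete that line; if the back-channel code exchange must authenticate the client, that belongs in the token request, which is outside this hunk. A secret compiled into a mobile binary cannot be kept confidential in any case, so the protection for the `code` now being requested should be PKCE instead: keep a random verifier and add `dic.Add("code_challenge", codeChallenge); dic.Add("code_challenge_method", "S256");`, presenting the verifier at the token endpoint. Note that the new `response_type` still contains `token`, so an access token is still delivered in the redirect fragment and the server-side client definition must permit that. The enclosing method starts before this hunk.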
@@ -1,7 +1,6 @@
-using IdentityServer4.Models;
-using Microsoft.Extensions.Options;
+using IdentityServer4;
+using IdentityServer4.Models;
 using System.Collections.Generic;
-using IdentityServer4;
 namespace Identity.API.Configuration
 {
@@ -56,19 +55,26 @@ namespace Identity.API.Configuration
 {
 ClientId = "xamarin",
 ClientName = "eShop Xamarin OpenId Client",
- AllowedGrantTypes = GrantTypes.Implicit,
- AllowAccessTokensViaBrowser = true,
- RedirectUris = { clientsUrl["Xamarin"] },
+ AllowedGrantTypes = GrantTypes.Hybrid,
+ //Used to retrieve the access token on the back channel.
+ ClientSecrets = { new Secret("secret".Sha256()) },
+ RedirectUris = { clientsUrl["Xamarin"] },
 RequireConsent = false,
 PostLogoutRedirectUris = { $"{clientsUrl["Xamarin"]}/Account/Redirecting" },
- AllowedCorsOrigins = { "http://eshopxamarin" },
- AllowedScopes =
+ AllowedCorsOrigins = { "http://eshopxamarin" },
+ AllowedScopes = new List
 {
 IdentityServerConstants.StandardScopes.OpenId,
 IdentityServerConstants.StandardScopes.Profile,
+ IdentityServerConstants.StandardScopes.OfflineAccess,
 "orders",
 "basket"
- }
+ },
+ //Allow requesting refresh tokens for long lived API access
+ AllowOfflineAccess = true
 },
 new Client
 {
@@ -96,7 +102,7 @@ namespace Identity.API.Configuration
 IdentityServerConstants.StandardScopes.Profile,
 IdentityServerConstants.StandardScopes.OfflineAccess,
 "orders",
- "basket",
+ "basket"
 },
 }
 };
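Review bot: Dropping `AllowAccessTokensViaBrowser = true` conflicts with the mobile client still requesting `code id_token token` (IdentityService.cs in this same patch): as far as I recall, IdentityServer4's authorize validator rejects a hybrid request that asks for an access token unless that flag is set, so this is likely to break sign-in rather than harden it — either keep the flag or, better, drop `token` from the response type so the access token is only issued on the back channel. The new `ClientSecrets = { new Secret("secret".Sha256()) }` is the sample placeholder and ships inside the app package, so it authenticates nothing; for a native client prefer `RequireClientSecret = false,` together with `RequirePkce = true,` (provided the IdentityServer4 version in use supports PKCE for this grant). Since `AllowOfflineAccess = true` now hands long-lived refresh tokens to a device, also set `RefreshTokenUsage = TokenUsage.OneTimeOnly,` so a copied refresh token is invalidated at its first legitimate use. The `Client` object initializer begins before this hunk.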