diff --git a/src/Web/WebMVC/Controllers/AccountController.cs b/src/Web/WebMVC/Controllers/AccountController.cs
index a38207d58..c00a94c72 100644
--- a/src/Web/WebMVC/Controllers/AccountController.cs
+++ b/src/Web/WebMVC/Controllers/AccountController.cs
@@ -22,7 +22,8 @@ namespace Microsoft.eShopOnContainers.WebMVC.Controllers
 public async Task SignIn(string returnUrl)
 {
 var user = User as ClaimsPrincipal;
- var token = await HttpContext.Authentication.GetTokenAsync("access_token");
+
+ var token = await HttpContext.GetTokenAsync("access_token");
 if (token != null)
 {
@@ -42,7 +43,7 @@ namespace Microsoft.eShopOnContainers.WebMVC.Controllers
 // "Catalog" because UrlHelper doesn't support nameof() for controllers
 // https://github.com/aspnet/Mvc/issues/5853
 var homeUrl = Url.Action(nameof(CatalogController.Index), "Catalog");
- return new SignOutResult("oidc", new AuthenticationProperties { RedirectUri = homeUrl });
+ return new SignOutResult("oidc", new AspNetCore.Authentication.AuthenticationProperties { RedirectUri = homeUrl });
 }
 }
 }
diff --git a/src/Web/WebMVC/Services/BasketService.cs b/src/Web/WebMVC/Services/BasketService.cs
index 55cec1bb9..fd4bad124 100644
--- a/src/Web/WebMVC/Services/BasketService.cs
+++ b/src/Web/WebMVC/Services/BasketService.cs
@@ -125,7 +125,7 @@ namespace Microsoft.eShopOnContainers.WebMVC.Services
 async Task GetUserTokenAsync()
 {
 var context = _httpContextAccesor.HttpContext;
- return await context.Authentication.GetTokenAsync("access_token");
+ return await context.GetTokenAsync("access_token");
 }
 }
 }
diff --git a/src/Web/WebMVC/Services/CampaignService.cs b/src/Web/WebMVC/Services/CampaignService.cs
index e90be9590..dd93e3283 100644
--- a/src/Web/WebMVC/Services/CampaignService.cs
+++ b/src/Web/WebMVC/Services/CampaignService.cs
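Review bot: `HttpContext.GetTokenAsync("access_token")` in SignIn names no scheme, so the token is read through whatever the default authenticate scheme is, and the Startup.cs hunk in this commit sets only `DefaultSignInScheme`. Unless a default authenticate scheme is configured outside the visible lines, the call may fail or return null after the migration; naming the scheme removes that dependency: `await HttpContext.GetTokenAsync(CookieAuthenticationDefaults.AuthenticationScheme, "access_token")`. The same applies to `GetUserTokenAsync` in BasketService.cs, CampaignService.cs and OrderingService.cs, where `_httpContextAccesor.HttpContext` is also dereferenced without a null check. SignIn's body continues outside the hunk.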
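Review bot: The sign-out result still targets the scheme name `"oidc"`, while the Startup.cs hunk in this commit registers the OpenID Connect handler as `"Oidc"`. Scheme names are, as far as I know, matched case-sensitively by the new authentication services, so the sign-out would find no handler and the session at the identity provider would stay open. Use one shared constant at both sites, e.g. `new SignOutResult(OpenIdConnectDefaults.AuthenticationScheme, ...)` with the same value passed at registration. The partially qualified `AspNetCore.Authentication.AuthenticationProperties` would read better as a `using` alias at the top of the file. The enclosing action starts outside the hunk.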
@@ -64,7 +64,7 @@ private async Task GetUserTokenAsync() { var context = _httpContextAccesor.HttpContext; - return await context.Authentication.GetTokenAsync("access_token"); + return await context.GetTokenAsync("access_token"); } } } \ No newline at end of file diff --git a/src/Web/WebMVC/Services/OrderingService.cs b/src/Web/WebMVC/Services/OrderingService.cs index d9eba7392..f36f1410d 100644 --- a/src/Web/WebMVC/Services/OrderingService.cs +++ b/src/Web/WebMVC/Services/OrderingService.cs @@ -151,7 +151,7 @@ namespace Microsoft.eShopOnContainers.WebMVC.Services { var context = _httpContextAccesor.HttpContext; - return await context.Authentication.GetTokenAsync("access_token"); + return await context.GetTokenAsync("access_token"); } } } diff --git a/src/Web/WebMVC/Startup.cs b/src/Web/WebMVC/Startup.cs index bcdbbcc21..7fe05da02 100644 --- a/src/Web/WebMVC/Startup.cs +++ b/src/Web/WebMVC/Startup.cs @@ -26,13 +26,6 @@ namespace Microsoft.eShopOnContainers.WebMVC .AddJsonFile("appsettings.json", optional: true, reloadOnChange: true) // Settings for the application .AddEnvironmentVariables(); // override settings with environment variables set in compose. - - if (env.IsDevelopment()) - { - // For more details on using the user secret store see http://go.microsoft.com/fwlink/?LinkID=532709 - builder.AddUserSecrets(); - } - Configuration = builder.Build(); } 
@@ -84,6 +77,32 @@ namespace Microsoft.eShopOnContainers.WebMVC { services.AddSingleton(); } + + + var identityUrl = Configuration.GetValue("IdentityUrl"); + var callBackUrl = Configuration.GetValue("CallBackUrl"); + // Add Authentication services + services.AddCookieAuthentication(CookieAuthenticationDefaults.AuthenticationScheme); + services.AddOpenIdConnectAuthentication("Oidc", options => + { + options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme; + options.Authority = identityUrl.ToString(); + options.PostLogoutRedirectUri = callBackUrl.ToString(); + options.ClientId = "mvc"; + options.ClientSecret = "secret"; + options.ResponseType = "code id_token"; + options.SaveTokens = true; + options.GetClaimsFromUserInfoEndpoint = true; + options.RequireHttpsMetadata = false; + options.Scope.Add("openid"); + options.Scope.Add("profile"); + options.Scope.Add("orders"); + options.Scope.Add("basket"); + options.Scope.Add("marketing"); + }); + + services.AddAuthentication(sharedOptions => sharedOptions.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme); + } // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. 
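Review bot: `options.ClientSecret = "secret"` and `options.RequireHttpsMetadata = false` are carried into ConfigureServices as unconditional literals, and the same commit drops the user-secrets source from the configuration builder. The client secret should be read from configuration, e.g. `options.ClientSecret = Configuration["<client-secret-key>"];` (placeholder key). HTTPS metadata should be disabled only for local development, because otherwise the discovery document and signing keys can be fetched over plain HTTP and altered in transit. `identityUrl` and `callBackUrl` are dereferenced with `.ToString()` without a null check, so a missing setting surfaces as a NullReferenceException at startup rather than a clear configuration error. ConfigureServices begins outside the hunk.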
@@ -106,32 +125,9 @@ namespace Microsoft.eShopOnContainers.WebMVC app.UseStaticFiles(); - app.UseCookieAuthentication(new CookieAuthenticationOptions - { - AuthenticationScheme = "Cookies", - AutomaticAuthenticate = true, - }); - var identityUrl = Configuration.GetValue("IdentityUrl"); - var callBackUrl = Configuration.GetValue("CallBackUrl"); - var log = loggerFactory.CreateLogger("identity"); - var oidcOptions = new OpenIdConnectOptions - { - SignInScheme = "Cookies", - Authority = identityUrl.ToString(), - PostLogoutRedirectUri = callBackUrl.ToString(), - ClientId = "mvc", - ClientSecret = "secret", - ResponseType = "code id_token", - SaveTokens = true, - GetClaimsFromUserInfoEndpoint = true, - RequireHttpsMetadata = false, - Scope = { "openid", "profile", "orders", "basket", "marketing" } - }; - - //Wait untill identity service is ready on compose. - app.UseOpenIdConnectAuthentication(oidcOptions); + var log = loggerFactory.CreateLogger("identity"); app.UseMvc(routes => {
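Review bot: Both `UseCookieAuthentication` and `UseOpenIdConnectAuthentication` are removed here and no `app.UseAuthentication()` appears in the visible part of Configure; the schemes registered in ConfigureServices do nothing for a request unless that middleware runs before `app.UseMvc`. If it is not added outside this hunk, add `app.UseAuthentication();` after `app.UseStaticFiles();`, otherwise `[Authorize]` actions see an unauthenticated user. The re-added `var log = loggerFactory.CreateLogger("identity");` has no visible use now that the options block is gone and can probably be deleted. Configure's body continues outside the hunk.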