111 lines
4.5 KiB
C#
111 lines
4.5 KiB
C#
using IdentityServer4;
|
|
using IdentityServer4.Models;
|
|
using System.Collections.Generic;
|
|
|
|
namespace Identity.API.Configuration
|
|
{
|
|
public class Config
|
|
{
|
|
// ApiResources define the apis in your system
|
|
public static IEnumerable<ApiResource> GetApis()
|
|
{
|
|
return new List<ApiResource>
|
|
{
|
|
new ApiResource("orders", "Orders Service"),
|
|
new ApiResource("basket", "Basket Service")
|
|
};
|
|
}
|
|
|
|
// Identity resources are data like user ID, name, or email address of a user
|
|
// see: http://docs.identityserver.io/en/release/configuration/resources.html
|
|
public static IEnumerable<IdentityResource> GetResources()
|
|
{
|
|
return new List<IdentityResource>
|
|
{
|
|
new IdentityResources.OpenId(),
|
|
new IdentityResources.Profile()
|
|
};
|
|
}
|
|
|
|
// client want to access resources (aka scopes)
|
|
public static IEnumerable<Client> GetClients(Dictionary<string,string> clientsUrl)
|
|
{
|
|
return new List<Client>
|
|
{
|
|
// JavaScript Client
|
|
new Client
|
|
{
|
|
ClientId = "js",
|
|
ClientName = "eShop SPA OpenId Client",
|
|
AllowedGrantTypes = GrantTypes.Implicit,
|
|
AllowAccessTokensViaBrowser = true,
|
|
RedirectUris = { $"{clientsUrl["Spa"]}/" },
|
|
RequireConsent = false,
|
|
PostLogoutRedirectUris = { $"{clientsUrl["Spa"]}/" },
|
|
AllowedCorsOrigins = { $"{clientsUrl["Spa"]}" },
|
|
AllowedScopes =
|
|
{
|
|
IdentityServerConstants.StandardScopes.OpenId,
|
|
IdentityServerConstants.StandardScopes.Profile,
|
|
"orders",
|
|
"basket"
|
|
}
|
|
},
|
|
new Client
|
|
{
|
|
ClientId = "xamarin",
|
|
ClientName = "eShop Xamarin OpenId Client",
|
|
AllowedGrantTypes = GrantTypes.Hybrid,
|
|
//Used to retrieve the access token on the back channel.
|
|
ClientSecrets =
|
|
{
|
|
new Secret("secret".Sha256())
|
|
},
|
|
RedirectUris = { clientsUrl["Xamarin"] },
|
|
RequireConsent = false,
|
|
PostLogoutRedirectUris = { $"{clientsUrl["Xamarin"]}/Account/Redirecting" },
|
|
AllowedCorsOrigins = { "http://eshopxamarin" },
|
|
AllowedScopes = new List<string>
|
|
{
|
|
IdentityServerConstants.StandardScopes.OpenId,
|
|
IdentityServerConstants.StandardScopes.Profile,
|
|
IdentityServerConstants.StandardScopes.OfflineAccess,
|
|
"orders",
|
|
"basket"
|
|
},
|
|
//Allow requesting refresh tokens for long lived API access
|
|
AllowOfflineAccess = true
|
|
},
|
|
new Client
|
|
{
|
|
ClientId = "mvc",
|
|
ClientName = "MVC Client",
|
|
ClientSecrets = new List<Secret>
|
|
{
|
|
new Secret("secret".Sha256())
|
|
},
|
|
ClientUri = $"{clientsUrl["Mvc"]}", // public uri of the client
|
|
AllowedGrantTypes = GrantTypes.Hybrid,
|
|
RequireConsent = false,
|
|
AllowOfflineAccess = true,
|
|
RedirectUris = new List<string>
|
|
{
|
|
$"{clientsUrl["Mvc"]}/signin-oidc"
|
|
},
|
|
PostLogoutRedirectUris = new List<string>
|
|
{
|
|
$"{clientsUrl["Mvc"]}/signout-callback-oidc"
|
|
},
|
|
AllowedScopes = new List<string>
|
|
{
|
|
IdentityServerConstants.StandardScopes.OpenId,
|
|
IdentityServerConstants.StandardScopes.Profile,
|
|
IdentityServerConstants.StandardScopes.OfflineAccess,
|
|
"orders",
|
|
"basket"
|
|
},
|
|
}
|
|
};
|
|
}
|
|
}
|
|
} |