using Microsoft.IdentityModel.Protocols.OpenIdConnect;
using System.Text.Json.Serialization;
namespace IRaCIS.Core.Application.Service.OAuth;
public static class LogtoParameters
{
///
/// The token names used by Cookie and OpenID Connect middleware to store and retrieve tokens from
/// Logto OpenID Connect provider.
///
/// See tokens that are stored by OpenID Connect middleware for more details.
///
public static class Tokens
{
public const string AccessToken = OpenIdConnectParameterNames.AccessToken;
public const string ExpiresAt = "expires_at";
public const string AccessTokenForResource = $"{AccessToken}.resource";
public const string ExpiresAtForResource = $"{ExpiresAt}.resource";
public const string RefreshToken = OpenIdConnectParameterNames.RefreshToken;
public const string IdToken = OpenIdConnectParameterNames.IdToken;
public const string TokenType = OpenIdConnectParameterNames.TokenType;
}
///
/// The scope names used by Logto OpenID Connect provider to request for user information.
///
public static class Scopes
{
///
/// The scope name for requesting user's email.
/// Logto will issue two claims to the ID token: email and email_verified.
///
public const string Email = "email";
///
/// The scope name for requesting user's phone number.
/// Logto will issue two claims to the ID token: phone and phone_verified.
///
public const string Phone = "phone";
///
/// The scope name for requesting user's custom data.
/// Logto will issue a claim to the response of the userinfo endpoint: custom_data.
///
/// Note that when requesting this scope, you must set to true.
///
public const string CustomData = "custom_data";
///
/// The scope name for requesting user's identities.
/// Logto will issue a claim to the response of the userinfo endpoint: identities.
///
/// Note that when requesting this scope, you must set to true.
///
public const string Identities = "identities";
}
///
/// The claim names used by Logto OpenID Connect provider for ID token and userinfo endpoint.
///
public static class Claims
{
///
/// The claim name for the issuer identifier for whom issued the token.
///
public const string Issuer = "iss";
///
/// The claim name for the subject identifier for whom the token is intended (user ID).
///
public const string Subject = "sub";
///
/// The claim name for the audience that the token is intended for, which is the client ID.
///
public const string Audience = "aud";
///
/// The claim name for the expiration time of the token (in seconds).
///
public const string Expiration = "exp";
///
/// The claim name for the time at which the token was issued (in seconds).
///
public const string IssuedAt = "iat";
///
/// The claim name for the user's full name.
///
public const string Name = "name";
///
/// The claim name for user's username.
///
public const string Username = "username";
///
/// The claim name for user's profile picture URL.
///
public const string Picture = "picture";
///
/// The claim name for user's email.
///
public const string Email = "email";
///
/// The claim name for user's email verification status.
///
public const string EmailVerified = "email_verified";
///
/// The claim name for user's phone number.
///
public const string PhoneNumber = "phone_number";
///
/// The claim name for user's phone number verification status.
///
public const string PhoneNumberVerified = "phone_number_verified";
///
/// The claim name for user's custom data.
///
public const string CustomData = "custom_data";
///
/// The claim name for user's identities.
///
public const string Identities = "identities";
}
}