// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. // Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. using IdentityServer4; using IdentityServer4.Models; using System.Collections.Generic; namespace IRaCIS.Core.IdentityServer4 { public static class Config { public static IEnumerable IdentityResources => new IdentityResource[] { new IdentityResources.OpenId(), new IdentityResources.Profile(), new IdentityResources.Email(), }; public static IEnumerable ApiScopes => new ApiScope[] { new ApiScope("scope1"), new ApiScope("api"), }; public static IEnumerable Clients => new Client[] { new Client { ClientId = "client", // no interactive user, use the clientid/secret for authentication AllowedGrantTypes = GrantTypes.ClientCredentials, // secret for authentication ClientSecrets = { new Secret("secret".Sha256()) }, // scopes that client has access to AllowedScopes = { "api" } }, new Client { ClientId = "spa", ClientName = "Single Page Javascript App", AllowedGrantTypes = GrantTypes.Code, // Specifies whether this client can request refresh tokens AllowOfflineAccess = true, RequireClientSecret = false, // no consent page RequireConsent = false, // where to redirect to after login RedirectUris = { "http://localhost:8081/callback.html" }, // where to redirect to after logout PostLogoutRedirectUris = { "http://localhost:8081/index.html" }, AllowedScopes = new List { IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.Profile, IdentityServerConstants.StandardScopes.Email, "api" } } }; public static IEnumerable GetIdentityResources() { return new IdentityResource[] { new IdentityResources.OpenId(), new IdentityResources.Profile(), new IdentityResources.Email() }; } public static IEnumerable GetApis() { return new ApiResource[] { new ApiResource("api", "Acme Fireworks Co. payroll") }; } public static IEnumerable GetClients() { return new Client[] { new Client { ClientId = "client", // no interactive user, use the clientid/secret for authentication AllowedGrantTypes = GrantTypes.ClientCredentials, // secret for authentication ClientSecrets = { new Secret("secret".Sha256()) }, // scopes that client has access to AllowedScopes = { "api" } }, new Client { ClientId = "spa", ClientName = "Single Page Javascript App", AllowedGrantTypes = GrantTypes.Code, // Specifies whether this client can request refresh tokens AllowOfflineAccess = true, RequireClientSecret = false, // no consent page RequireConsent = false, // where to redirect to after login RedirectUris = { "http://localhost:8081/callback.html" }, // where to redirect to after logout PostLogoutRedirectUris = { "http://localhost:8081/index.html" }, AllowedScopes = new List { IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.Profile, IdentityServerConstants.StandardScopes.Email, "api" } } }; } } }