138 lines
4.8 KiB
C#
138 lines
4.8 KiB
C#
// Copyright (c) Brock Allen & Dominick Baier. All rights reserved.
|
|
// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
|
|
|
|
|
|
using IdentityServer4;
|
|
using IdentityServer4.Models;
|
|
using System.Collections.Generic;
|
|
|
|
namespace IRaCIS.Core.IdentityServer4
|
|
{
|
|
public static class Config
|
|
{
|
|
public static IEnumerable<IdentityResource> IdentityResources =>
|
|
new IdentityResource[]
|
|
{
|
|
new IdentityResources.OpenId(),
|
|
new IdentityResources.Profile(),
|
|
new IdentityResources.Email(),
|
|
};
|
|
|
|
public static IEnumerable<ApiScope> ApiScopes =>
|
|
new ApiScope[]
|
|
{
|
|
new ApiScope("scope1"),
|
|
new ApiScope("api"),
|
|
};
|
|
|
|
public static IEnumerable<Client> Clients =>
|
|
new Client[]
|
|
{
|
|
new Client
|
|
{
|
|
ClientId = "client",
|
|
// no interactive user, use the clientid/secret for authentication
|
|
AllowedGrantTypes = GrantTypes.ClientCredentials,
|
|
// secret for authentication
|
|
ClientSecrets =
|
|
{
|
|
new Secret("secret".Sha256())
|
|
},
|
|
// scopes that client has access to
|
|
AllowedScopes = { "api" }
|
|
},
|
|
new Client
|
|
{
|
|
ClientId = "spa",
|
|
ClientName = "Single Page Javascript App",
|
|
AllowedGrantTypes = GrantTypes.Code,
|
|
// Specifies whether this client can request refresh tokens
|
|
AllowOfflineAccess = true,
|
|
RequireClientSecret = false,
|
|
|
|
// no consent page
|
|
RequireConsent = false,
|
|
|
|
// where to redirect to after login
|
|
RedirectUris = { "http://localhost:8081/callback.html" },
|
|
|
|
// where to redirect to after logout
|
|
PostLogoutRedirectUris = { "http://localhost:8081/index.html" },
|
|
|
|
AllowedScopes = new List<string>
|
|
{
|
|
IdentityServerConstants.StandardScopes.OpenId,
|
|
IdentityServerConstants.StandardScopes.Profile,
|
|
IdentityServerConstants.StandardScopes.Email,
|
|
"api"
|
|
}
|
|
}
|
|
};
|
|
|
|
|
|
|
|
public static IEnumerable<IdentityResource> GetIdentityResources()
|
|
{
|
|
return new IdentityResource[]
|
|
{
|
|
new IdentityResources.OpenId(),
|
|
new IdentityResources.Profile(),
|
|
new IdentityResources.Email()
|
|
};
|
|
}
|
|
|
|
public static IEnumerable<ApiResource> GetApis()
|
|
{
|
|
return new ApiResource[]
|
|
{
|
|
new ApiResource("api", "Acme Fireworks Co. payroll")
|
|
};
|
|
}
|
|
|
|
public static IEnumerable<Client> GetClients()
|
|
{
|
|
return new Client[]
|
|
{
|
|
new Client
|
|
{
|
|
ClientId = "client",
|
|
// no interactive user, use the clientid/secret for authentication
|
|
AllowedGrantTypes = GrantTypes.ClientCredentials,
|
|
// secret for authentication
|
|
ClientSecrets =
|
|
{
|
|
new Secret("secret".Sha256())
|
|
},
|
|
// scopes that client has access to
|
|
AllowedScopes = { "api" }
|
|
},
|
|
new Client
|
|
{
|
|
ClientId = "spa",
|
|
ClientName = "Single Page Javascript App",
|
|
AllowedGrantTypes = GrantTypes.Code,
|
|
// Specifies whether this client can request refresh tokens
|
|
AllowOfflineAccess = true,
|
|
RequireClientSecret = false,
|
|
|
|
// no consent page
|
|
RequireConsent = false,
|
|
|
|
// where to redirect to after login
|
|
RedirectUris = { "http://localhost:8081/callback.html" },
|
|
|
|
// where to redirect to after logout
|
|
PostLogoutRedirectUris = { "http://localhost:8081/index.html" },
|
|
|
|
AllowedScopes = new List<string>
|
|
{
|
|
IdentityServerConstants.StandardScopes.OpenId,
|
|
IdentityServerConstants.StandardScopes.Profile,
|
|
IdentityServerConstants.StandardScopes.Email,
|
|
"api"
|
|
}
|
|
}
|
|
};
|
|
}
|
|
}
|
|
} |