notazof
/
yavsc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

testoidc

main
Paul Schneider 10 years ago
parent c65985477e
commit 80a8d25deb
3 changed files with 45 additions and 42 deletions
Show Stats Download Patch File Download Diff File

2
Yavsc/Views/Shared/SignIn.cshtml
Unescape Escape View File

@ -69,7 +69,7 @@
@foreach (var description in Model.ExternalProviders) { @foreach (var description in Model.ExternalProviders) {
<form action="/signin" method="post"> <form action="/signin" method="post">
<input type="hidden" name="Provider" value="@description.AuthenticationScheme" /> <input type="hidden" name="Provider" value="@description.AuthenticationScheme" />
<input type="hidden" name="ReturnUrl" value="@Url.Action("ExternalLoginCallback","Account", new { returnUrl = Model.ReturnUrl })" /> <input type="hidden" name="ReturnUrl" value="@Model.ReturnUrl" />
<button class="btn btn-lg btn-success" type="submit">@SR["Connect using"] @description.DisplayName</button> <button class="btn btn-lg btn-success" type="submit">@SR["Connect using"] @description.DisplayName</button>
@Html.AntiForgeryToken() @Html.AntiForgeryToken()
</form> </form>

16
Yavsc/src/Controllers/OAuthController.cs
Unescape Escape View File

@ -108,10 +108,10 @@ namespace Yavsc.Controllers
_logger.LogWarning("ReturnUrl not specified"); _logger.LogWarning("ReturnUrl not specified");
return HttpBadRequest(); return HttpBadRequest();
} }
var redirectUrl = Url.Action("ExternalLoginCallback", "Account", new { ReturnUrl = ReturnUrl });
return new ChallengeResult(Provider, new AuthenticationProperties { var properties = _signInManager.ConfigureExternalAuthenticationProperties(Provider, redirectUrl);
RedirectUri = Url.Action("ExternalLoginCallback","Account", new {returnUrl= ReturnUrl}) // var properties = new AuthenticationProperties{RedirectUri=ReturnUrl};
}); return new ChallengeResult(Provider,properties);
} }
@ -181,10 +181,10 @@ namespace Yavsc.Controllers
if (!User.Identities.Any(identity => identity.IsAuthenticated)) if (!User.Identities.Any(identity => identity.IsAuthenticated))
{ {
return new ChallengeResult(new AuthenticationProperties return new ChallengeResult(new AuthenticationProperties {
{ RedirectUri = Url.Action(nameof(Authorize), new {
RedirectUri = Url.Action("ExternalLoginCallback","Account",new {returnUrl=request.BuildRedirectUrl()}) unique_id = request.GetUniqueIdentifier()
}); })});
} }
// Note: ASOS automatically ensures that an application corresponds to the client_id specified // Note: ASOS automatically ensures that an application corresponds to the client_id specified
// in the authorization request by calling IOpenIdConnectServerProvider.ValidateAuthorizationRequest. // in the authorization request by calling IOpenIdConnectServerProvider.ValidateAuthorizationRequest.

67
Yavsc/src/Startup.cs
Unescape Escape View File

@ -210,6 +210,7 @@ namespace Yavsc
option.Cookies.ApplicationCookie.DataProtectionProvider = option.Cookies.ApplicationCookie.DataProtectionProvider =
new MonoDataProtectionProvider(Configuration["Site:Title"]); new MonoDataProtectionProvider(Configuration["Site:Title"]);
option.Cookies.ApplicationCookie.CookieName = "Bearer"; option.Cookies.ApplicationCookie.CookieName = "Bearer";
} }
).AddEntityFrameworkStores<ApplicationDbContext>() ).AddEntityFrameworkStores<ApplicationDbContext>()
.AddTokenProvider<EmailTokenProvider<ApplicationUser>>(Constants.EMailFactor) .AddTokenProvider<EmailTokenProvider<ApplicationUser>>(Constants.EMailFactor)
@ -247,7 +248,7 @@ namespace Yavsc
options.AddPolicy("FrontOffice", policy => policy.RequireRole(Constants.FrontOfficeGroupName)); options.AddPolicy("FrontOffice", policy => policy.RequireRole(Constants.FrontOfficeGroupName));
options.AddPolicy("Bearer",new AuthorizationPolicyBuilder() options.AddPolicy("Bearer",new AuthorizationPolicyBuilder()
.AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme) .AddAuthenticationSchemes("ServerCookie")
.RequireAuthenticatedUser().Build()); .RequireAuthenticatedUser().Build());
// options.AddPolicy("EmployeeId", policy => policy.RequireClaim("EmployeeId", "123", "456")); // options.AddPolicy("EmployeeId", policy => policy.RequireClaim("EmployeeId", "123", "456"));
// options.AddPolicy("BuildingEntry", policy => policy.Requirements.Add(new OfficeEntryRequirement())); // options.AddPolicy("BuildingEntry", policy => policy.Requirements.Add(new OfficeEntryRequirement()));
@ -358,18 +359,13 @@ namespace Yavsc
} }
} }
app.UseIISPlatformHandler(
options => options.AuthenticationDescriptions.Clear()
);
var googleOptions = new YavscGoogleOptions var googleOptions = new YavscGoogleOptions
{ {
ClientId = Configuration["Authentication:Google:ClientId"], ClientId = Configuration["Authentication:Google:ClientId"],
ClientSecret = Configuration["Authentication:Google:ClientSecret"], ClientSecret = Configuration["Authentication:Google:ClientSecret"],
/* AccessType = "offline", AccessType = "offline",
SaveTokensAsClaims = true, SaveTokensAsClaims = true,
UserInformationEndpoint = "https://www.googleapis.com/plus/v1/people/me",*/ UserInformationEndpoint = "https://www.googleapis.com/plus/v1/people/me",
AutomaticAuthenticate=true,
AutomaticChallenge=true AutomaticChallenge=true
}; };
var gvents = new OAuthEvents(); var gvents = new OAuthEvents();
@ -392,6 +388,12 @@ namespace Yavsc
googleOptions.Scope.Add("https://www.googleapis.com/auth/calendar"); googleOptions.Scope.Add("https://www.googleapis.com/auth/calendar");
app.UseIISPlatformHandler(options =>
{
options.AuthenticationDescriptions.Clear();
options.AutomaticAuthentication = true;
});
app.UseFileServer(new FileServerOptions() app.UseFileServer(new FileServerOptions()
{ {
FileProvider = new PhysicalFileProvider( FileProvider = new PhysicalFileProvider(
@ -406,7 +408,30 @@ namespace Yavsc
EnableDirectoryBrowsing = false EnableDirectoryBrowsing = false
}); });
app.UseStaticFiles().UseWebSockets(); app.UseStaticFiles().UseWebSockets();
app.UseIdentity(); app.UseIdentity();
app.UseCookieAuthentication(options =>
{
options.AutomaticAuthenticate = true;
options.AutomaticChallenge = true;
options.AuthenticationScheme = "ServerCookie";
options.ExpireTimeSpan = TimeSpan.FromMinutes(5);
options.LoginPath = new PathString("/signin");
options.LogoutPath = new PathString("/signout");
// options.CookieName = "Bearer";
});
app.UseMiddleware<Yavsc.Auth.GoogleMiddleware>(googleOptions);
// Facebook
app.UseFacebookAuthentication(options =>
{
options.AppId = Configuration["Authentication:Facebook:AppId"];
options.AppSecret = Configuration["Authentication:Facebook:AppSecret"];
options.Scope.Add("email");
options.UserInformationEndpoint = "https://graph.facebook.com/v2.5/me?fields=id,name,email,first_name,last_name";
});
app.UseOpenIdConnectServer(options => app.UseOpenIdConnectServer(options =>
{ {
options.Provider = new AuthorizationProvider(loggerFactory, options.Provider = new AuthorizationProvider(loggerFactory,
@ -424,6 +449,8 @@ namespace Yavsc
options.ApplicationCanDisplayErrors = true; options.ApplicationCanDisplayErrors = true;
options.AllowInsecureHttp = true; options.AllowInsecureHttp = true;
options.AutomaticChallenge = true; options.AutomaticChallenge = true;
// options.AutomaticAuthenticate=true;
options.AuthorizationEndpointPath = new PathString("/connect/authorize"); options.AuthorizationEndpointPath = new PathString("/connect/authorize");
options.TokenEndpointPath = new PathString("/connect/authorize/accept"); options.TokenEndpointPath = new PathString("/connect/authorize/accept");
@ -434,30 +461,6 @@ namespace Yavsc
// options.ValidationEndpointPath = new PathString("/connect/introspect"); // options.ValidationEndpointPath = new PathString("/connect/introspect");
}); /**/ }); /**/
app.UseCookieAuthentication(options =>
{
options.AutomaticAuthenticate = true;
options.AutomaticChallenge = true;
options.AuthenticationScheme = "ServerCookie";
options.ExpireTimeSpan = TimeSpan.FromMinutes(5);
options.LoginPath = new PathString("/signin");
options.LogoutPath = new PathString("/signout");
});
app.UseMiddleware<Yavsc.Auth.GoogleMiddleware>(googleOptions);
// Facebook
app.UseFacebookAuthentication(options =>
{
options.AppId = Configuration["Authentication:Facebook:AppId"];
options.AppSecret = Configuration["Authentication:Facebook:AppSecret"];
options.Scope.Add("email");
options.UserInformationEndpoint = "https://graph.facebook.com/v2.5/me?fields=id,name,email,first_name,last_name";
});
app.UseRequestLocalization(localizationOptions.Value, (RequestCulture)new RequestCulture((string)"fr")); app.UseRequestLocalization(localizationOptions.Value, (RequestCulture)new RequestCulture((string)"fr"));
/* Generic OAuth (here GitHub): options.Notifications = new OAuthAuthenticationNotifications /* Generic OAuth (here GitHub): options.Notifications = new OAuthAuthenticationNotifications

Write Preview
Loading…