Add .NET server_login_auth_code sample#29
Merged
Conversation
- Minimal ASP.NET Core Minimal-APIs app targeting net10.0 using Microsoft.AspNetCore.Authentication.OpenIdConnect - Port 4260 (HTTPS via dotnet dev-certs); cookie + OIDC auth schemes; SaveTokens + GetClaimsFromUserInfoEndpoint - Env via DotNetEnv for parity with Node samples / acp Quickstart UX - 4 xUnit + WebApplicationFactory tests covering / unauth, / auth, /login challenge, /logout sign-out (OIDC Configuration pre-populated to avoid discovery calls in tests) - Regenerated snippets.json + snippet-manifest.yaml with new dotnet entry (3 snippet steps, install = manifest.lib, lib_version from .csproj regex) - Bump CI workflow dotnet-version to 10.0.x to match the sample's target framework - Default OIDC SignedOutCallbackPath (/signout-callback-oidc) — overriding to "/" makes the middleware swallow all requests to / Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…bber existing env dotnet run --project src sets CWD to src/, so Env.Load() (which reads ./.env by default) couldn't find the .env at the sample root. Switch to Env.TraversePath().NoClobber().Load() — traverses up from CWD to find .env, and respects env vars already set in the process. The NoClobber bit matters for tests: the fixture sets ISSUER_URL/CLIENT_ID/etc. via Environment.SetEnvironmentVariable before the app boots; without NoClobber a developer-local .env at the sample root would clobber those values and the tests would fail. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…_name etc. work Microsoft's OIDC middleware remaps inbound claims to long xmlsoap URIs by default (given_name -> http://schemas.xmlsoap.org/.../givenname), so user.FindFirst("given_name") in Program.cs returned null and the page rendered "Welcome, there" against real tenants. Setting MapInboundClaims = false keeps OIDC claim names as-is, so FindFirst("given_name"/"family_name"/"email") lines up with both the ID token payload and the claims our test fixture injects. Tests still pass (4/4) because they already use the short claim names. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
There was a problem hiding this comment.
Pull request overview
Adds a new .NET framework track to the quickstart samples, including a first server_web/server_login_auth_code scenario implemented as an ASP.NET Core Minimal API app, and updates the snippet tooling/CI to support C# projects.
Changes:
- Introduces
samples/dotnet/login-auth-code(Minimal API + cookie auth + OpenID Connect middleware) with xUnit integration tests. - Extends snippet extraction/validation to include
.cssources and infer library versions from.csprojwhenpackage.jsonis absent. - Adds .NET metadata to manifests/snippets plus a new GitHub Actions workflow to build/test .NET samples.
Reviewed changes
Copilot reviewed 15 out of 16 changed files in this pull request and generated 7 comments.
Show a summary per file
| File | Description |
|---|---|
| snippets.json | Adds extracted snippet steps + metadata for the new dotnet server_login_auth_code sample. |
| snippet-manifest.yaml | Registers .NET framework and includes dotnet under server_login_auth_code scenario. |
| scripts/validate-structure.ts | Allows .cs sources when validating sample structure/snippet tags. |
| scripts/extract-snippets.ts | Adds .cs globbing, .csproj lib version fallback, and install fallback for non-Node projects. |
| samples/dotnet/manifest.yaml | New framework manifest describing dotnet scenario metadata and config rows. |
| samples/dotnet/login-auth-code/tests/login-auth-code.tests.csproj | New xUnit test project for the dotnet sample. |
| samples/dotnet/login-auth-code/tests/TestAuthHandler.cs | Test auth handler used to simulate authenticated requests. |
| samples/dotnet/login-auth-code/tests/AuthIntegrationTests.cs | Integration tests covering /, /login, and /logout flows. |
| samples/dotnet/login-auth-code/src/login-auth-code.csproj | New ASP.NET Core app project targeting net10.0 with OIDC + DotNetEnv deps. |
| samples/dotnet/login-auth-code/src/Program.cs | Minimal API implementation using cookie + OIDC middleware, plus simple HTML views. |
| samples/dotnet/login-auth-code/login-auth-code.sln | Solution file grouping app + tests. |
| samples/dotnet/login-auth-code/README.md | Setup/docs for running and testing the dotnet sample. |
| samples/dotnet/login-auth-code/.env.example | Example env config for SecureAuth OIDC settings. |
| placeholder-map.yaml | Adds C# placeholder mappings for env var access patterns. |
| .gitignore | Ignores common .NET build artifacts (bin/, obj/, *.user). |
| .github/workflows/test-dotnet.yml | New CI workflow to restore/build/test all .sln projects under samples/. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Introduces .NET as the fifth framework in the Quickstart samples repo and lands the first
server_web/server_login_auth_codescenario.samples/dotnet/login-auth-code/— ASP.NET Core Minimal-APIs app onhttps://localhost:4260using the built-inMicrosoft.AspNetCore.Authentication.OpenIdConnectmiddlewareplaceholder-map.yaml(csharp section),.csglob in extract/validate scripts,.csprojversion fallback, newtest-dotnet.ymlCI workflow, root.gitignoreadditionsApproach
Program.csmirrors the Node/Express teaching styleAddAuthentication().AddCookie().AddOpenIdConnect(...); the middleware owns/callback, PKCE, state validation, and token storage.envconfig — same user flow as Node samples and acp QuickstartWebApplicationFactory<Program>with a pre-populatedOpenIdConnectConfiguration(bypasses discovery) and a fake auth scheme (TestAuthHandler) for the authenticated-user test🤖 Generated with Claude Code