|
1 | 1 | using Fido2Identity; |
2 | 2 | using Fido2NetLib; |
3 | 3 | using Microsoft.AspNetCore.Authentication.Cookies; |
| 4 | +using Microsoft.AspNetCore.Authentication.OpenIdConnect; |
4 | 5 | using Microsoft.AspNetCore.Identity; |
5 | 6 | using Microsoft.EntityFrameworkCore; |
6 | 7 | using Microsoft.IdentityModel.Logging; |
7 | 8 | using Microsoft.IdentityModel.Protocols.OpenIdConnect; |
8 | 9 | using Microsoft.IdentityModel.Tokens; |
9 | 10 | using OpeniddictServer.Data; |
10 | 11 | using Quartz; |
| 12 | +using System.IdentityModel.Tokens.Jwt; |
11 | 13 | using System.Security.Claims; |
12 | 14 | using static OpenIddict.Abstractions.OpenIddictConstants; |
13 | 15 |
|
@@ -128,6 +130,27 @@ public void ConfigureServices(IServiceCollection services) |
128 | 130 | RoleClaimType = ClaimTypes.Role, |
129 | 131 | ValidateIssuer = true |
130 | 132 | }; |
| 133 | + }) |
| 134 | + .AddOpenIdConnect("EntraID", "EntraID", oidcOptions => |
| 135 | + { |
| 136 | + oidcOptions.SignInScheme = "entraidcookie"; |
| 137 | + oidcOptions.Scope.Add(OpenIdConnectScope.OpenIdProfile); |
| 138 | + oidcOptions.Scope.Add("user.read"); |
| 139 | + oidcOptions.Scope.Add(OpenIdConnectScope.OfflineAccess); |
| 140 | + oidcOptions.Authority = $"https://login.microsoftonline.com/{Configuration["AzureAd:TenantId"]}/v2.0/"; |
| 141 | + oidcOptions.ClientId = Configuration["AzureAd:ClientId"]; |
| 142 | + oidcOptions.ClientSecret = Configuration["AzureAd:ClientSecret"]; |
| 143 | + oidcOptions.ResponseType = OpenIdConnectResponseType.Code; |
| 144 | + oidcOptions.MapInboundClaims = false; |
| 145 | + oidcOptions.SaveTokens = true; |
| 146 | + oidcOptions.TokenValidationParameters.NameClaimType = JwtRegisteredClaimNames.Name; |
| 147 | + oidcOptions.TokenValidationParameters.RoleClaimType = "role"; |
| 148 | + |
| 149 | + oidcOptions.Events = new OpenIdConnectEvents |
| 150 | + { |
| 151 | + // Add event handlers |
| 152 | + |
| 153 | + }; |
131 | 154 | }); |
132 | 155 |
|
133 | 156 | services.AddOpenIddict() |
|
0 commit comments