forked from BenjaminAbt/Samples.AspNetCore-IdentityServer4
-
Notifications
You must be signed in to change notification settings - Fork 0
/
SampleConfig.cs
120 lines (100 loc) · 4.28 KB
/
SampleConfig.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
using System.Collections.Generic;
using System.Security.Claims;
using IdentityServer4;
using IdentityServer4.Models;
using IdentityServer4.Test;
namespace BenjaminAbt.Samples.AspNetCore_IdentityServer.Platform_IdentityServerHost
{
public static class IdentityServerSampleConfig
{
public const string IdentityHost = "http://localhost:9010";
public static IEnumerable<ApiResource> GetApiResources()
{
return new List<ApiResource>
{
new ApiResource("Platform.TodoApi", "Sample Todo API Client")
};
}
public static IEnumerable<IdentityResource> GetIdentityResources()
{
return new List<IdentityResource>
{
new IdentityResources.OpenId(),
new IdentityResources.Profile(),
};
}
public static IEnumerable<Client> GetClients()
{
return new List<Client>
{
new Client
{
ClientId = "External.WebApp",
ClientName = "External WebApp",
ClientSecrets = { new Secret("external-webapp-secret".Sha256()) },
AllowedGrantTypes = GrantTypes.HybridAndClientCredentials,
AllowOfflineAccess = true,
// === 'true' for external applications so the user have to authorize the external webapp
RequireConsent = true,
RedirectUris = { "http://localhost:9015/signin-oidc" }, // Url of the WebApp Client
PostLogoutRedirectUris = { "http://localhost:9015/signout-callback-oidc" }, // Url of the WebApp Client
AllowedScopes =
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
"Platform.TodoApi"
},
},
new Client
{
ClientId = "Platform.WebClient",
ClientName = "WebApp MVC Client",
ClientSecrets = { new Secret("webclient-secret".Sha256()) },
AllowedGrantTypes = GrantTypes.HybridAndClientCredentials,
AllowOfflineAccess = true,
// === 'false' for trusted platform clients so the user will not have to accept the application
RequireConsent = false,
RedirectUris = { "http://localhost:9012/signin-oidc" }, // Url of the WebApp Client
PostLogoutRedirectUris = { "http://localhost:9012/signout-callback-oidc" }, // Url of the WebApp Client
AllowedScopes =
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile,
"Platform.TodoApi"
},
},
new Client
{
ClientId = "Platform.AdminConsoleClient",
ClientName = "AdminConsole Client",
ClientSecrets = { new Secret("adminconsole-secret".Sha256()) },
AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
AllowedScopes =
{
"Platform.TodoApi"
},
}
};
}
public static List<TestUser> GetUsers()
{
return new List<TestUser>
{
new TestUser
{
SubjectId = "1",
Username = "ben",
Password = "password",
Claims = new List<Claim>
{
new Claim("name", "Benjamin Abt"),
new Claim("nickname", "Ben"),
new Claim("website", "https://www.BenjaminAbt.com"),
new Claim("linkedin", "https://www.linkedin.com/in/benjaminabt/"),
new Claim("twitter", "https://www.twitter.com/abt_benjamin"),
}
}
};
}
}
}