wip: oauth

2024-10-13 22:12:43 +07:00
parent e9f32fc32e
commit b7150c7c43
14 changed files with 234 additions and 65 deletions
--- a/OAuth.Authentik/Program.cs
+++ b/OAuth.Authentik/Program.cs
@@ -0,0 +1,90 @@
+using Microsoft.AspNetCore.Authentication.Cookies;
+
+var builder = WebApplication.CreateBuilder(args);
+
+// Add services to the container.
+// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
+builder.Services.AddEndpointsApiExplorer();
+builder.Services.AddSwaggerGen();
+builder.Services.AddAuthentication(options =>
+    {
+        options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
+        options.DefaultChallengeScheme = "oidc";
+    })
+    .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme)
+    .AddOpenIdConnect("oidc", options =>
+    {
+        options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
+        
+        
+        
+        options.Authority = "https://oauth.e1lama.ru/application/o/asp_net";
+        options.ClientId = "";
+        // Securely store and load this value
+        options.ClientSecret = ""; 
+        options.ResponseType = "code";
+        options.SaveTokens = true;
+
+        options.Scope.Add("openid");
+        options.Scope.Add("profile");
+        options.Scope.Add("email");
+
+        options.GetClaimsFromUserInfoEndpoint = true;
+
+        options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
+        {
+            NameClaimType = "name"
+        };
+
+        // Optionally handle events
+        options.Events = new Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectEvents
+        {
+            OnAuthenticationFailed = context =>
+            {
+                // Log or handle authentication failures
+                return Task.CompletedTask;
+            },
+            OnTokenValidated = context =>
+            {
+                // Additional token validation can go here
+                return Task.CompletedTask;
+            }
+        };
+    });
+builder.Services.AddAuthorization();
+
+var app = builder.Build();
+
+// Configure the HTTP request pipeline.
+if (app.Environment.IsDevelopment())
+{
+    app.UseSwagger();
+    app.UseSwaggerUI();
+}
+
+app.UseHttpsRedirection();
+app.UseAuthentication();
+app.UseAuthorization();
+
+var summaries = new[]
+{
+    "Freezing", "Bracing", "Chilly", "Cool", "Mild", "Warm", "Balmy", "Hot", "Sweltering", "Scorching"
+};
+
+app.MapGet("/me", (HttpContext ctx) =>
+    {
+        return ctx.User.Claims.Select(x => (x.Type, x.Value));
+    })
+    .RequireAuthorization()
+    .WithOpenApi();
+
+app.MapGet("/login", () =>
+{
+    return Results.Challenge(authenticationSchemes: new List<string>(){"oidc"});
+});
+app.Run();
+
+record WeatherForecast(DateOnly Date, int TemperatureC, string? Summary)
+{
+    public int TemperatureF => 32 + (int)(TemperatureC / 0.5556);
+}