From 21bb2b079d7f2c1373dcfb777a61b0f49f45a0bb Mon Sep 17 00:00:00 2001 From: "vianney.jourdy" Date: Tue, 27 May 2025 14:17:31 +0200 Subject: [PATCH] modify token information --- src/IdentitySvc/Config.cs | 22 ++++++++--- src/IdentitySvc/HostingExtensions.cs | 4 +- .../Services/CustomProfileService.cs | 37 +++++++++++++++++++ 3 files changed, 56 insertions(+), 7 deletions(-) create mode 100644 src/IdentitySvc/Services/CustomProfileService.cs diff --git a/src/IdentitySvc/Config.cs b/src/IdentitySvc/Config.cs index 9628915..a5010f4 100644 --- a/src/IdentitySvc/Config.cs +++ b/src/IdentitySvc/Config.cs @@ -14,15 +14,15 @@ public static class Config public static IEnumerable ApiScopes => new ApiScope[] { - new ApiScope("scope1"), - new ApiScope("scope2"), + new ApiScope("optifitApp", "Optifit App API Scope"), + //new ApiScope("scope2"), }; public static IEnumerable Clients => new Client[] { // m2m client credentials flow client - new Client + /*new Client { ClientId = "m2m.client", ClientName = "Client Credentials Client", @@ -31,10 +31,10 @@ public static class Config ClientSecrets = { new Secret("511536EF-F270-4058-80CA-1C89C192F69A".Sha256()) }, AllowedScopes = { "scope1" } - }, + },*/ // interactive client using code flow + pkce - new Client + /*new Client { ClientId = "interactive", ClientSecrets = { new Secret("49C1A7E1-0C79-4A89-A3D6-A37998FB86B0".Sha256()) }, @@ -47,6 +47,16 @@ public static class Config AllowOfflineAccess = true, AllowedScopes = { "openid", "profile", "scope2" } - }, + },*/ + + new Client + { + ClientId = "postman", + ClientName = "Postman", + AllowedScopes = {"openid", "profile", "optifitApp"}, + RedirectUris = {"https://www.getpostman.com/oauth2/callback"}, + ClientSecrets = new[] {new Secret("NotASecret".Sha256())}, + AllowedGrantTypes = {GrantType.ResourceOwnerPassword} + } }; } diff --git a/src/IdentitySvc/HostingExtensions.cs b/src/IdentitySvc/HostingExtensions.cs index b197ca4..0f5f0fa 100644 --- a/src/IdentitySvc/HostingExtensions.cs 
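Review bot: The added `postman` client in the last Config.cs hunk enables `GrantType.ResourceOwnerPassword` with the literal secret `"NotASecret"` committed to source, and `Config.Clients` is passed to `AddInMemoryClients` unconditionally, so as far as this patch shows the client exists in every environment the service runs in. With the password grant the client handles user passwords directly and `RedirectUris` is not used; Postman can also drive the authorization-code flow, so `AllowedGrantTypes = GrantTypes.Code` with `RequirePkce = true` would keep the redirect URI meaningful. If the client has to stay, load its secret from configuration and register it only for development. The two clients commented out in the earlier hunks still carry their old secrets in the file; deleting those blocks would be cleaner than commenting them out.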
+++ b/src/IdentitySvc/HostingExtensions.cs @@ -1,6 +1,7 @@ using Duende.IdentityServer; using IdentitySvc.Data; using IdentitySvc.Models; +using IdentitySvc.Services; using Microsoft.AspNetCore.Identity; using Microsoft.EntityFrameworkCore; using Serilog; @@ -34,7 +35,8 @@ internal static class HostingExtensions .AddInMemoryIdentityResources(Config.IdentityResources) .AddInMemoryApiScopes(Config.ApiScopes) .AddInMemoryClients(Config.Clients) - .AddAspNetIdentity(); + .AddAspNetIdentity() + .AddProfileService(); builder.Services.ConfigureApplicationCookie(options => { diff --git a/src/IdentitySvc/Services/CustomProfileService.cs b/src/IdentitySvc/Services/CustomProfileService.cs new file mode 100644 index 0000000..ec35e63 --- /dev/null +++ b/src/IdentitySvc/Services/CustomProfileService.cs @@ -0,0 +1,37 @@ +using System.Security.Claims; +using Duende.IdentityServer.Models; +using Duende.IdentityServer.Services; +using IdentityModel; +using Microsoft.AspNetCore.Identity; +using IdentitySvc.Models; + +namespace IdentitySvc.Services; + +public class CustomProfileService : IProfileService +{ + private readonly UserManager _userManager; + + public CustomProfileService(UserManager userManager) + { + _userManager = userManager; + } + + public async Task GetProfileDataAsync(ProfileDataRequestContext context) + { + var user = await _userManager.GetUserAsync(context.Subject); + var existingClaims = await _userManager.GetClaimsAsync(user); + + var claims = new List + { + new Claim("username", user.UserName), + }; + + context.IssuedClaims.AddRange(claims); + context.IssuedClaims.Add(existingClaims.FirstOrDefault(x => x.Type == JwtClaimTypes.Name)); + } + + public Task IsActiveAsync(IsActiveContext context) + { + return Task.CompletedTask; + } +} \ No newline at end of file
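Review bot: `IsActiveAsync` in the new CustomProfileService.cs returns without touching `context.IsActive`, so this service never reports a subject as inactive. Because it is registered after `AddAspNetIdentity()`, it presumably replaces the profile service that call set up, and a deleted account would keep passing the active check. In `GetProfileDataAsync`, `GetUserAsync` can return null and the result is dereferenced on the next line, and `FirstOrDefault` can put a null entry into `context.IssuedClaims` when the user has no `name` claim. The version below guards both and sets `IsActive` from the user lookup; any project-specific disabled or lockout flag belongs in the same check.

```csharp
// … unchanged: usings, namespace, field and constructor …

public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
    var user = await _userManager.GetUserAsync(context.Subject);
    if (user is null)
    {
        // Subject no longer resolves to an account: issue no claims.
        return;
    }

    context.IssuedClaims.Add(new Claim("username", user.UserName));

    var existingClaims = await _userManager.GetClaimsAsync(user);
    var nameClaim = existingClaims.FirstOrDefault(x => x.Type == JwtClaimTypes.Name);
    if (nameClaim is not null)
    {
        context.IssuedClaims.Add(nameClaim);
    }
}

public async Task IsActiveAsync(IsActiveContext context)
{
    // Only subjects that still resolve to an account are treated as active.
    var user = await _userManager.GetUserAsync(context.Subject);
    context.IsActive = user is not null;
}
```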